Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

Encryption Blog

Showing posts in English
Tim_Matthews | 27 Aug 2009 | 20 comments

Like everyone in the Macintosh user community, we're excited by Apple's early Friday delivery of Snow Leopard (Mac OS X 10.6). Unfortunately, like many applications at the moment, the currently shipping versions of PGP Desktop products (v 9.10) are not supported on Snow Leopard. This includes PGP Desktop Professional, PGP Desktop Home, PGP Desktop Email and PGP Whole Disk Encryption (a comprehensive list of Mac OS X applications and their status on Snow Leopard is available on the MacInTouch site).

While we are working diligently to complete the Snow Leopard compatible versions of the PGP Desktop products, we do not recommend you use the currently shipping versions on any system that has been upgraded to Snow Leopard. Please note that users wanting to migrate to Snow Leopard immediately must first decrypt all of their PGP WDE encrypted drives and uninstall...

Doug McLean | 24 Aug 2009 | 0 comments

Doug McLean - Blogmeister

Readers of this blog know that I've been following the case against Albert Gonzalez, the alleged mastermind behind the TJX breach. Last Monday came the shocking news that the Justice Department has concluded that Gonzalez also led the teams that breached both Heartland Payment Systems and Hannaford Bros. Supermarkets. Think about that for a minute, we've now traced three of the largest data breaches in history to the "vision" and leadership of a single man. Gonzalez is currently incarcerated in Brooklyn, NY where he's awaiting trial for allegedly perpetrating the comparatively modest breach of Dave & Busters Restaurants.

We've also learned that Gonzalez and his colleagues did not attack companies at random, but selected specific Fortune 500...

Shilpi Dey | 19 Aug 2009 | 0 comments

Shilpi Dey - Product Marketing Manager

Recently, three HSBC firms were fined several millions of dollars for "failing to adequately protect customers' confidential details from being lost or stolen". Sensitive customer data in the order of 180,000 records was sent to third parties on CDs and simply got lost in the mail. While no customer reported a loss from the failure, the Financial Services Authority (FSA) did not take too kindly to what they termed as the firms being "careless" and fined them to the tune of $5.3M.  As the HSBC firms tally their multi-million dollar fines during what’s described as one of the worst economic climates in the world's history,  the old adage comes to mind: penny-wise and pound foolish.

For the record, I'm not trying to pick on HSBC here, these kinds of breaches have now been reported by nearly...

Doug McLean | 18 Aug 2009 | 0 comments

Doug McLean - Blogmeister

The Washington Post broke an interesting story just before the Independence Day holiday about the issues the National Security Agency (NSA) has encountered in deploying their latest cyberdefense system. The Post requires a log-in to view the story, but the Wall Street Journal also covered the topic in more depth and it’s open to all to read, which I strongly recommend to anyone that cares about cybersecurity.

The basic story runs as follows. The Bush administration chartered the NSA with developing a comprehensive solution to both detect and block cyberattacks aimed at federal networks. The system, named Einstein, was originally deployed in 2002, though the functionality of the system was limited to intrusion detection, no countermeasure...

Brian Tokuyoshi | 18 Aug 2009 | 1 comment

Brian Tokuyoshi - Product Marketing Manager

I recently met with a customer who was concerned about his data retention policies. He’s responsible for a number of servers and data on mainframes, and he fully supports the idea of doing encryption to keep it safe.

This particular customer understands the  value of using open standards for encryption. He said the following to me. “We’re encrypting data and backing it up. So let me ask you what you think, you backup the data, you backup the key, but do you backup the application?” That’s a problem that never occurred to me, because PGP Encryption Platform applications use the OpenPGP standard. Files encrypted with PGP software can be decrypted with other software that supports the...

Robin Witty | 17 Aug 2009 | 0 comments

Robin Witty-Senior Product Marketing Manager

Are your company's emails really secure? Do you know for sure when most email sent over the Internet is in clear text and can be read by anyone with simple tools and know-how. Similar to the old party line telephone systems where neighbors could listen in on your phone calls, unauthorized parties can obtain confidential information from unencrypted corporate emails including valuable intellectual property or third party data that may require protection regulated by law.

If you think email breaches can’t happen to your company, consider a couple of high profile email breaches. Sarah Palin’s personal emails were posted to the web and her password was changed by a hacker. A...

Doug McLean | 14 Aug 2009 | 0 comments

Most of the news coming out of the Black Hat conference in Las Vegas focused on the new attack on AES and the bootkit attack on the TrueCrypt full disk encryption product. While these are certainly compelling pieces of research, I also found the reviews of the session on Russian organized crime to be quite interesting. The session was co-hosted by the FBI and McAfee and focused on the causes and consequences of the old line Russian criminal gangs entering the cybercrime business.

Make no mistake, these guys are not hackers that just happen to have turned to the dark side. There's not really a Russian mob so much as there is a mob that happens to be Russian. Russia has a long history of organized criminal gangs that go back to the...

Shilpi Dey | 29 Jul 2009 | 0 comments

Shilpi Dey - Product Marketing Manager

In today’s economy, more than ever, losing customers can be detrimental to a business. One surefire way of losing a customer is to lose their trust. A data breach affects an organization in many ways, and loss of reputation is just one of them.

Most organizations identify data at risk from the most common starting point – the endpoint. These are the laptops, desktops and USB devices that house an organization’s most sensitive data. However, increasingly, organizations are realizing that simply securing endpoints is not sufficient to protect this data. There is always the human dimension to consider: bad people doing bad things, and good people doing bad things, often inadvertently. But, there's also the question of how data, or information, is used, managed and maintained. To successfully address this problem, organizations need to address data at risk holistically.  After all, data is...

Brian Tokuyoshi | 06 Jul 2009 | 0 comments

Brian Tokuyoshi - Product Marketing Manager

Most people agree that open standards are good for everyone. Standards help companies deploy products that work together with existing investments, thus reducing the impact and issues of technology displacement. They help developers build products by not having to reinvent the wheel, and build upon the work that has already been done. It establishes some common ground that bridges the gap between the interdependencies for related products.

Perhaps one of the challenges for standards is recognizing the need for one, and the unforeseen and currently unattainable future that provides the benefit for all. Standards do not emerge without a need in the market, which typically originates from the proliferation of one-off proprietary technologies. The creators of said proprietary technologies tend to not want to give ground to an open standard, because they profit by locking in customers to their interpretation of...

Brian Tokuyoshi | 01 Jul 2009 | 0 comments

Brian Tokuyoshi - Product Marketing Manager

Are you working on some big secrets that you need to keep safe? I am talking about REALLY BIG ones.  Where can you get a tool that will handle your needs?

When I say “big secrets” I am actually referring to physical size, not sensitivity of the data. That’s because that a very large (13 foot long, 6 feet wide) device for encryption is now available on eBa.

At the RSA 2009 Conference in San Francisco, Jamie Hyneman and Adam Savage from the MythBusters television show provided an entertaining closing keynote speech. On the TV show, the duo act as skeptics of urban myths, and use large scale science experiments to test whether common beliefs hold water. At the conference, they used this device as part of their opening act. ...