Who owns your data, and what privacy laws govern it? Well, that depends on where you live. If you own it, you should have control over it. If you don’t own it, how secure is it? Recent data breaches that affected the majority of Americans have begun a national dialogue around the security of personal data. In fact, the high profile Equifax breach and others like it have prompted the… Read more

June 26, 2015 - Jan Valcke
The final days of user names and passwords

Last week’s announcement that the online password manager LastPass was hacked, made me realize that the term Secure Password has become the leading oxymoron of the 21st century. The issue of insecure passwords has resurfaced; this is once again a reminder to the need for one-time passwords. The average internet user typically administers twenty-five accounts. These twenty-five accounts are protected by on average six different static passwords, but users seem… Read more

June 18, 2014 - Victoria Abramson
Do Cloud Applications Deliver Convenience or Danger?

Banned. Condemned. Not Allowed. These are some of the phrases used to describe what I consider some very useful cloud applications. As technological advances bring more consumer gadgets into our business environments, we as users begin to lose track of where our personal domain ends and our employer’s begins. It’s convenience that drives adoption of public cloud applications, mobile devices, and mobile apps in the business world. “If it makes… Read more

Could your mobile voicemail system help hackers unlock your online accounts?

In 1993, Peter Steiner submitted a pen-and-ink cartoon to The New Yorker magazine, featuring two dogs at a desk.  One of them is sitting in front of a computer screen and says to the other: “On the Internet, nobody knows you’re a dog” Steiner and The New Yorker probably didn’t realise at the time just how true that was, and what a challenge the issue would become as more and… Read more

On Monday April 7th, news broke about the so-called Heartbleed bug. Heartbleed is a flaw in OpenSSL, a software library implementing the Transport Layer Security (TLS) security protocol. TLS is widely used to protect communication via websites, e-mail, instant messaging, etc. It can be recognized by the prefix “https” or by a lock in the address bar of a browser. The Heartbleed bug The Heartbleed bug allows an adversary to obtain… Read more

effective authentication solution

Implementing an effective authentication solution can only be achieved by finding a true balance between security, user-friendliness and total cost of ownership. When looking for a solution to secure your online application, you will run into conflicting goals. You want the solution to be as secure as possible, but at what cost? And of course, you want your customers to be able to use it on their preferred mobile platforms…. Read more

March 12, 2014 - Jan Valcke
cracking passwords

A while ago, Ars Technica, a US magazine, had a rather eye-opening experience. A list of 16,000 encrypted passwords was given to Nate Anderson, the publication’s Editor-in-Chief, then to three cracking experts. After a few hours’ work, Nate Anderson, though a newcomer to the field, managed to decipher nearly half of the 16,000 passwords. The three seasoned crackers between them hacked 82% of the passwords on the list in under… Read more