Mr Canadiana

Congratulations to Scott Gregory of Amazon.com, who was the winner of our big basket of Canadiana.  Scott, we hope that you will think of your friends on the Dark Matter team here in Victoria as you gaze across the Strait of Juan de Fuca - and sip that Canadian beer.

New Friends from the Secure World Show

Thanks to everyone who came by the booth to chat about Dark Matter Labs' JANA encyrption device.  We had a great time and look forward to working with all of you soon.  

PCI Panel at Secure World Seattle

Dark Matter's Jeff MacMillan joined Trustwave, Anitian and Astaro on a panel exploring how CIO's can leverage PCI compliance to improve their overall information security policy and structure.

Secure World Expo runs in Bellevue, WA until October 30th.

The Long Line Begins Here...

While this vulnerability seems to be the source of much discussion and concern, it is really just another in a long line of regularly occurring security threats. The true nature of network security, regardless of the platform or operating system used, is that there will always be vulnerabilities, particularly as technology keeps changing faster than most can adapt.

While it is vitally important that businesses strive to maintain numerous layers of up-to-date network security, there has never been a greater need to concurrently protect your confidential data at the source using strong encryption. Although the goal is to avoid data loss in the first place, it is now crucial to employ encryption in order to know that should the data lost or stolen, it is still secure and unusable.

Historically, data encryption has been considered an optional last line of defense. Given the uncertainty of network security strategies and the sophistication of cyber-criminals, Dark Matter Labs believes we've reached the day where strong data encryption is actually the first true line of defense.

Your Wired Keyboard is a Security Threat

Most security officers know better than to use wireless keyboards around the office, although for some reason there are still many out there. Now we are hearing that today's off-the-shelf snooping equipment is sufficient to "listen" in on EM radiations from wired keyboards from 20 feet away. This was bound to happen in the mainstream sooner or later. Some government and military agencies have been taking precautions for this threat, as well as CRT monitor radiations for several years now.

Although it is likely that these types of attacks are still a ways off from being highly effective, one can say that this increases the risk of user passwords being compromised. This further strengthens the need for data encryption as new ways to steal data continue to appear. Dark Matter believes that encryption devices should allow multiple users to seed the passwords for any given data field, and be able to do so from separate locations thus defeating anyone's ability to remotely 'listen' in as they type in their encryption keys.

Mandatory Encryption

Several U.S. states are drafting security regulations requiring most businesses to encrypt private customer data such as payment info. This clearly reflects the beginning of a regulatory trend that isn't going to go away.

Nevada and Massachusetts have begun implementing these regulations while Washington state and Michigan are strongly considering them. What's more, since these states require out-of-state businesses operating within their borders to comply, these business will have to adapt wherever they are located, or cease business in those states. In reality, we can expect most states to jump on board sooner or later. Since data encryption can be very confusing for many businesses, in particular small businesses that don't have dedicated IT staff, one can anticipate this will be a difficult process, although it doesn't need to be.

Maybe This is Why They Need a Bailout

I wish I could say this was an isolated incident but stories of banks being hacked have been surfacing for years and it seems that the attacks are getting more frequent and more severe. Hackers today know exactly what they are looking for and are not playing pranks.

Although most large banks take security very seriously, their network infrastructures are vast and widely distributed. Such networks can be difficult to maintain and to monitor for intrusion. While most employ data encryption of some kind, many of their solutions are home-grown or antiquated. These systems need to be replaced but many banks put it off as they believe the process too costly and difficult because their systems are usually a conglomeration of mismatched technologies added over time.

Knowing that many enterprise sized businesses have similar infrastructures that have been built up over time, Dark Matter believes that any enterprise encryption solutions should integrate easily into any existing network with a minimum of configuration.