Thursday, November 01, 2007

Email Encryption and Data Encryption – The Current Security Trend

It is not only IT companies but also other IT-related sectors that run poorly secured IT systems. New threats have appeared on the internet over the past few months, so security levels clearly need to be raised. About 99% of internet users use email as a potent business tool as well as a personal one, and it is of course a system that is vulnerable to attack. Visit www.ezencrypt.com.

Securing email must be at the top of the to-do list of any corporate security expert in an organization. If the organization transfers important and highly confidential material via email, then there is a need for a secure email gateway or encrypted email. Besides secure email systems, other desktop internet security products such as anti-spam, anti-malware, anti-virus or a firewall should be installed to have a highly secure environment on the internet.

Many corporations use an email gateway that encrypts messages as they leave the corporate perimeter. The problem with this approach is that it leaves internal mail completely unprotected and vulnerable to data theft, packet sniffing and malicious insiders. Although some organizations are comfortable using VPNs (Virtual Private Networks), a large organization still needs a higher level of email security to protect all the information, important or not, that is sent and received over its network, so that it is not vulnerable to malicious attacks.

In order to provide a suitable email encryption option, the point is to install an email security technology that encrypts every message sent from one client to any other client. If such email encryption technology is implemented, there won't be much insecure email traffic. The latest technology provides high-end security tools and software that are integrated into the email system, which makes managing the email system easier and more secure. So for any organisation that handles sensitive data or sends out confidential email, email encryption is a must.

Email client encryption solutions are now extensible and are sufficient to take part in the enterprise encryption strategy, with easy and flexible deployment. All organizations that use the internet or do business over it are vulnerable to attacks from hackers, so it is high time that standardized measures and policies were implemented to achieve a secure internet and a secure email system.

A business or organization that does business over the Internet on its own website also needs SSL security or Extended SSL encryption, email certificates, etc., and should also educate consumers about doing secure eCommerce, in order to prove its business identity and assure customers that they are shopping securely.

Also take a minute to answer this survey, which will help to provide you with a more secure environment on the internet – Internet Security Form

Download your free secure email encryption certificate here and buy your Website SSL Encryption Certificates here at www.ezencrypt.com

Sunday, October 28, 2007

Internet Security Feedback Form | Questionnaire

In this post I would like to get your valuable feedback, which would help us build an effective, best free software security solution for all your needs.

Solid protection means that the software should have many useful security features that function effectively. As the saying in economics goes, "There is nothing permanent except change" - this rule visibly applies to software.

The fact is that when software is created and released, consumers feel that it would have been better if it also had this or that additional feature which they expected.

So the demand for features keeps increasing whenever software is released. The best overall performance is when the software addresses the present internet security threats.
Although security software developers provide the basic features plus a few advanced features for the present scenario, the security tools you have may still lack a few features when you come across new threats.
This applies not only to desktop security products but also to registry scanning, website scanning, website security, etc.: consumers always look for up-to-date technology.

And what's next? I think your past experiences on the internet would help you give valuable suggestions for getting better-quality software online for free.

For that, developers have to think about what comes next. And not only the developers of the software but also you, the person who is going to use it. So I thought it would be good to get feedback from you directly, so that we can build a very good security suite that is up to date with all your expectations.
Also go through my entire blog and check out some of my writings, security tools, free security software, etc.
A few of my posts will help you think about what software is available for free, about the future of internet security, free desktop security tools and so on.
Just visit my blog postings to understand what the past and present scenario is, along with a few good extracted articles that might help you think about the future of internet security too.

I hope you will help me build a very good security suite by filling in the Internet Security Questionnaire.

This form would help me pass your opinions to our software developers, and help you get the best software. :)

Name:

Email Address:

What is your Website?

What security software do you have installed on your PC?

Firewall

AntiVirus

AntiSpyware

Anti-phishing Tool Bar

Others

None



How much are you ready to spend to buy an Internet Security Suite?

<$25

$26 - $50

>$50

Depending on the Security Suite



What kind of free Internet Security suite do you require and with what features?








Friday, October 26, 2007

Advance Christmas Wishes! – The Shopping Season Has Begun: Is Your Online Shopping Safe?

The Christmas season has begun and you have planned to buy many gifts for yourself, your children, friends and relatives. Beautiful and attractive wording on the internet welcomes you to online shopping: "Welcome to our online shop", "Buy Christmas presents and Christmas gifts here!", Christmas cards, clip art, gift packs, crafts, decorations, Xmas recipes, shopping, Christmas song CDs and DVDs, stories, traditions and more. "Buy one get one free" and so many other direct and online shopping ads. But are you going to shop safely online?

Here are a few tips that I hope will help you keep your shopping genuine and healthy.

As the festive season has begun, fraudsters and intruders are ready to spoil your happiness just by sending a simple email to your inbox. Spammers create very attractive content that claims to be the real thing. But how do you know that the mail in your inbox is genuine and that you are not being spammed? If an email contains links for buying something and the site asks for your personal or credit card details, check that the site shows a golden yellow padlock and that the website address begins with https://

See that your system has a firewall or antivirus software, because spammers or fraudsters may attach viruses or Trojans to their mail. A firewall also ensures that no unknown person can access your system.

Don't buy anything online unless you believe that it is a secure website. Also try installing an anti-phishing toolbar, which may help you identify secure websites.

Always check whether the site is secure by looking at the padlock and its information (SSL certificate). See whether the website address matches the information shown in the padlock details.

You can try some of the following software for free, which might help you shop safely online. Also read my posts about the anti-phishing toolbar, What is Spam?, Secure Banking Transactions, the expanded internet security SSL technology and What's the Future of Internet Security to stay safe in upcoming online shopping sessions.

So make your Christmas wonderful with secure shopping. Secure online shopping makes your money well spent. Many online shops have implemented a secure internet strategy to welcome consumers and help them shop securely and have safe internet sessions while they shop online.

Happy Christmas and a Very Happy (Online) Shopping! Let this Christmas be unforgettable with your new gifts and cards.
Please fill out this form to help us serve you better: Internet Security Feedback Form

Thursday, September 20, 2007

SSL Encryption and its Methodologies | Encryption Systems | Symmetric Key | Public-key encryption | Authentication | Digital signatures | IT Security

I have been receiving mails for quite a long time asking how encryption works, i.e. how the public key and private key work. So I was wondering how to explain them with examples, and I found some very good, simple material on the web. Here's the extract for you. Though it is a fairly long read, it's worth reading. Also visit www.ezencrypt.com

What is SSL Encryption and why is it required?

SSL encryption, or HTTPS, is a technique used to safeguard private information sent over the Internet. To prove the site's legitimacy, SSL encryption uses a PKI (Public Key Infrastructure), that is, a public/private key pair, to encrypt IDs, documents or messages so that the information is transmitted securely over the World Wide Web. To show that the transmission is encrypted, most browsers display a small icon that looks like a padlock or a key, and the URL begins with "https" instead of "http". SSL encryption (HTTPS) backed by a digital certification authority helps a site handle confidential information securely on the web.

Encryption Systems

Computer encryption is based on the science of cryptography, which has been used throughout history. Before the digital age, the biggest users of cryptography were governments, particularly for military purposes. The existence of coded messages has been verified as far back as the Roman Empire. But most forms of cryptography in use these days rely on computers, simply because a human-based code is too easy for a computer to crack.

Most computer encryption systems belong in one of two categories:

Symmetric-key encryption
Public-key encryption

Symmetric Key

In symmetric-key encryption, each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to another computer. Symmetric-key requires that you know which computers will be talking to each other so you can install the key on each one. Symmetric-key encryption is essentially the same as a secret code that each of the two computers must know in order to decode the information. The code provides the key to decoding the message. Think of it like this: You create a coded message to send to a friend in which each letter is substituted with the letter that is two down from it in the alphabet. So "A" becomes "C," and "B" becomes "D". You have already told a trusted friend that the code is "Shift by 2". Your friend gets the message and decodes it. Anyone else who sees the message will see only nonsense.

Public Key

Public-key encryption uses a combination of a private key and a public key. The private key is known only to your computer, while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key, provided by the originating computer, and its own private key. A very popular public-key encryption utility is called Pretty Good Privacy (PGP), which allows you to encrypt almost anything.

To implement public-key encryption on a large scale, such as a secure Web server might need, requires a different approach. This is where digital certificates come in. A digital certificate is basically a bit of information that says that the Web server is trusted by an independent source known as a certificate authority. The certificate authority acts as a middleman that both computers trust. It confirms that each computer is in fact who it says it is, and then provides the public keys of each computer to the other.

The Process of Symmetric and Public Key in action.

For example in case of an email - The sending computer encrypts the document with a symmetric key, then encrypts the symmetric key with the public key of the receiving computer. The receiving computer uses its private key to decode the symmetric key. It then uses the symmetric key to decode the document.

Public Key: SSL

A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).

In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways. You will notice that the "http" in the address line is replaced with "https," and you should see a small padlock in the status bar at the bottom of the browser window.

Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetric-key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

Hashing Algorithms

The key in public-key encryption is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. Essentially, the hash value is a summary of the original value. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value. Here's a simple example:
You can see how hard it would be to determine that the value 1,525,381 came from the multiplication of 10,667 and 143. But if you knew that the multiplier was 143, then it would be very easy to calculate the value 10,667. Public-key encryption is actually much more complex than this example, but that is the basic idea.

Public keys generally use complex algorithms and very large hash values for encrypting, including 40-bit or even 128-bit numbers. A 128-bit number has a possible 2^128 or 3,402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000 different combinations! This would be like trying to find one particular grain of sand in the Sahara Desert.

Authentication

As stated earlier, encryption is the process of taking all of the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Another process, authentication, is used to verify that the information comes from a trusted source. Basically, if information is "authentic," you know who created it and you know that it has not been altered in any way since that person created it. These two processes, encryption and authentication, work hand-in-hand to create a secure environment.

There are several ways to authenticate a person or information on a computer:

Password - The use of a user name and password provides the most common form of authentication. You enter your name and password when prompted by the computer. It checks the pair against a secure file to confirm. If either the name or the password does not match, then you are not allowed further access.

Pass cards - These cards can range from a simple card with a magnetic strip, similar to a credit card, to sophisticated smart cards that have an embedded computer chip.

Digital signatures - A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file) is authentic. The Digital Signature Standard (DSS) is based on a type of public-key encryption method that uses the Digital Signature Algorithm (DSA). DSS is the format for digital signatures that has been endorsed by the U.S. government. The DSA algorithm consists of a private key, known only by the originator of the document (the signer), and a public key. The public key has four parts, which you can learn more about at this page. If anything at all is changed in the document after the digital signature is attached to it, it changes the value that the digital signature compares to, rendering the signature invalid.

Recently, more sophisticated forms of authentication have begun to show up on home and office computer systems. Most of these new systems use some form of biometrics for authentication. Biometrics uses biological information to verify identity. Biometric authentication methods include:

Fingerprint scan
Retina scan
Face scan
Voice identification

Checking for Corruption

Another secure-computing need is to ensure that the data has not been corrupted during transmission or encryption. There are a couple of popular ways to do this:

Checksum - Probably one of the oldest methods of ensuring that data is correct, checksums also provide a form of authentication because an invalid checksum suggests that the data has been compromised in some fashion. A checksum is determined in one of two ways. Let's say the checksum of a packet is 1 byte long. A byte is made up of 8 bits, and each bit can be in one of two states, leading to a total of 256 (2^8) possible combinations. Since the first combination equals zero, a byte can have a maximum value of 255.

If the sum of the other bytes in the packet is 255 or less, then the checksum contains that exact value.

If the sum of the other bytes is more than 255, then the checksum is the remainder of the total value after it has been divided by 256.

Let's look at a checksum example


· 1,151 / 256 = 4.496 (round to 4)
· 4 x 256 = 1,024
· 1,151 - 1,024 = 127


Cyclic Redundancy Check (CRC) - CRCs are similar in concept to checksums, but they use polynomial division to determine the value of the CRC, which is usually 16 or 32 bits in length. The good thing about CRC is that it is very accurate. If a single bit is incorrect, the CRC value will not match up. Both checksum and CRC are good for preventing random errors in transmission but provide little protection from an intentional attack on your data. Symmetric- and public-key encryption techniques are much more secure.
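The difference between catching random errors and resisting an intentional change, as an added example that is not part of the original post or its source. The packet bytes are constructed to sum to 1,151 (the total in the arithmetic above), the shared key is constructed, and HMAC-SHA256 is an assumption chosen here as the keyed check; the page does not name one.

```python
import hashlib
import hmac
import zlib

# Constructed sample packet: eight bytes chosen to sum to 1,151, the total
# used in the checksum arithmetic above.
PACKET = bytes([212, 232, 54, 135, 244, 15, 179, 80])

# Constructed shared secret (assumption): known to sender and receiver only.
SHARED_KEY = b"constructed-demo-key"


def checksum8(data: bytes) -> int:
    """One-byte checksum: the byte sum, or its remainder after dividing by 256."""
    return sum(data) % 256


def crc32(data: bytes) -> int:
    """32-bit CRC computed by polynomial division (zlib's CRC-32)."""
    return zlib.crc32(data) & 0xFFFFFFFF


def tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 tag; it cannot be recomputed without the key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def make_trailer(data: bytes, key: bytes = SHARED_KEY) -> dict:
    """What the sender appends to the data: all three integrity values."""
    return {"checksum": checksum8(data), "crc32": crc32(data), "hmac": tag(key, data)}


def receiver_accepts(data: bytes, trailer: dict, key: bytes = SHARED_KEY) -> dict:
    """Report, per check, whether the receiver would accept the received data."""
    return {
        "checksum": checksum8(data) == trailer["checksum"],
        "crc32": crc32(data) == trailer["crc32"],
        "hmac": hmac.compare_digest(tag(key, data), trailer["hmac"]),
    }


def scenarios() -> dict:
    sent = make_trailer(PACKET)

    # 1. Random error: one bit flips in transit, the trailer arrives unchanged.
    flipped = bytearray(PACKET)
    flipped[3] ^= 0x10

    # 2. Two bytes change places: same bytes, same sum, different order.
    swapped = bytearray(PACKET)
    swapped[0], swapped[1] = swapped[1], swapped[0]

    # 3. Deliberate change: whoever alters the data can also recompute the
    #    unkeyed checksum and CRC, but without the key can only forward the
    #    original HMAC tag.
    altered = PACKET[:-1] + bytes([81])
    forged = {
        "checksum": checksum8(altered),
        "crc32": crc32(altered),
        "hmac": sent["hmac"],
    }

    return {
        "intact": receiver_accepts(PACKET, sent),
        "bit_flip": receiver_accepts(bytes(flipped), sent),
        "byte_swap": receiver_accepts(bytes(swapped), sent),
        "deliberate_change": receiver_accepts(altered, forged),
    }


if __name__ == "__main__":
    print("checksum of sample packet:", checksum8(PACKET))
    for name, result in scenarios().items():
        print(f"{name:18s}", result)
```

Only the keyed tag rejects the deliberately changed packet; the one-byte checksum also misses the reordered bytes, which the CRC catches.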

All of these various processes combine to provide you with the tools you need to ensure that the information you send or receive over the Internet is secure. In fact, sending information over a computer network is often much more secure than sending it any other way. Phones, especially cordless phones, are susceptible to eavesdropping, particularly by unscrupulous people with radio scanners. Traditional mail and other physical mediums often pass through numerous hands on the way to their destination, increasing the possibility of corruption. Understanding encryption, and simply making sure that any sensitive information you send over the Internet is secure (remember the "https" and padlock symbol), can provide you with greater peace of mind.

A part of the material is extracted from the following
Source: http://computer.howstuffworks.com/encryption.htm

Wednesday, August 01, 2007

It's all about | Virtual Private Network (VPN) | SSL VPN | SSL VPN Vs. VPN | Internet Protocol Security

Virtual Private Network (VPN) - A Brief

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, like the Internet, to give two or more offices or individual remote users secure access to their organization's network. Put simply, there are millions and millions of internet users all over the world, so while a person is transferring data, it may be leaked to others through some insecure means. So, in order to share information between two individuals only, a private network is built that gives access only to those two users, or to a defined group of users, out of those millions and millions of unknown users. A VPN is like building a tunnel through a big mountain. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by a particular organization. The goal of a VPN is to provide the organization with access and security at a lower cost, with an additional level of security that involves encrypting not only the data but also the originating and receiving network/IP addresses.

SSL VPN

An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser, in the same way that we use SSL certificates. SSL VPNs help secure the databases or information that an organisation or individuals want to share among themselves. An SSL VPN can be a good choice for government databases, schools, companies that manage huge databases, libraries and other public information that needs to be transmitted over the internet, where trust would be an issue but easy access and low cost are also important. Such applications include Web-based e-mail, online forms, business directories, government directories, educational institutions' databases, file sharing, remote backup, remote desktop support, remote system management, consumer-level e-commerce, solid banking databases, etc.

(An extract for better understanding) SSL is a protocol for managing the security of message transmission on the Internet. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. It employs the public-and-private key encryption system from RSA. As TLS (Transport Layer Security), a refinement of SSL, replaces the earlier protocol, an SSL VPN is sometimes referred to as a TLS VPN.

What is the difference between SSL VPN & VPN?

This has been a question for a long time. Many people keep asking what the difference between SSL VPN and VPN is, whether an SSL VPN is more secure than an IP Security VPN, and so on. In simple terms, an SSL VPN (Secure Sockets Layer VPN) uses private keys to encrypt data over an SSL connection. It is used in conjunction with Internet browsers for clientless remote access, where you see HTTPS instead of HTTP in the browser if the website/login is a secured one. An IPsec VPN, on the other hand, uses Internet Protocol Security in Tunnel or Transport mode: Transport mode encrypts only the data portion of the packet, while Tunnel mode encrypts the whole packet. This keeps the data out of the clutches of other internet users.

I would like to recommend that you visit http://forums.comodo.com/, where you can discuss security-related topics, software and much more. Also learn about The Future of Internet Security, Free Email Certificates, Bank Fraud Alerts and more.

Tuesday, July 31, 2007

Comodo's Email Certificates are Vista and Firefox Compatible

New compatibility with Vista and Firefox makes Email certificates available to many new users, and they remain free of charge. These Email certificates allow users to encrypt and digitally sign Email and attachments, keeping them secure and confidential. Encryption ensures that only the intended recipient(s) have access to the material and verifies the sender's identity. The message and any attachments cannot be tampered with during the transmission of the Email.

Other competing software providers charge as much as $20 for Email certificates, but Comodo, in its commitment to ensuring the availability of online security solutions to everyone, continues to offer Email certificates for free. These certificates are fully trusted by 99% of Email clients.

Click to download a free Secure Email certificate.


*Free for personal use

Thursday, July 05, 2007

The Future of Computer Security

Article by Comodo's President & CEO - Melih Abdulhayoglu

Source: http://forums.comodo.com/

People keep asking me:

“Is AV dead? Is HIPS the ultimate solution? Are we going to need to have chips surgically implanted in our…”

Okay, let’s not degenerate this in the first fifty words. I’d like to start with some facts about the state of software security for PCs.

1. The world does not protect itself against Zero Day attacks. The majority thinks it does, but reality begs to differ.
2. People buy AV products because they don’t know any better. Ignorance is bliss, but not in security. Security checks have been bumped up since 9/11 – enough said.
3. People are lazy, myself leading that pack. We want things done, but we don’t want to lift a finger. It’s 2007, so we shouldn’t have to!

Let me expand on these points.

1. The world does not protect itself against Zero Day attacks.
Our primary protection is the use of software products called AV (antivirus). These products essentially create a signature for the malware, which functions much like a mug shot does for a criminal, but only after the crime has been committed. In PCland, AV can never be used as protection against Zero Day attacks because the virus signature (a.k.a. the mug shot) has not been created yet; hence, no protection. In an ideal, if not idiotic, world, virii authors would be kind enough to submit their malware to AV vendors, wait for them to create signatures and update their AV users, and then release their malware to the public so that we could catch zero day attacks. We can expect that about as much as we can expect the criminal to go to the police and say “hey, I’m going to commit a crime”, and the police to prevent the crime. My point: we just don’t protect ourselves against Zero Day attacks.

2. People buy AV products because they don’t know any better.
People buy a lot of AV, so it must be the best protection available, right? Wrong. This is not a good argument. People buy a lot of cigarettes, too. This is not to discredit AV; it does what it was designed to do, but it just isn’t enough by itself. Fraudsters and their toys are a force to be reckoned with, and AV alone isn’t up to the fight.

3. People are lazy.
Look around you: we built washing machines because we got tired of hauling our laundry and the washboard to the river and back. We built dishwashers so husbands wouldn’t have to wash dishes (and spot on, I say!). From cars to nappies, humans demand easy-to-use, painless solutions that give us more time for ourselves and deliver the desired outcome with minimal effort. We want the same from our internet security. We can clap our hands and turn on a lamp, so we should be able to “plug and protect” our PCs just as easily.

The future, from my point of view.
Our houses have doors, burglar alarms and insurance. Well, most do, at least. If you don’t have a door, a burglar can walk in and steal your PC; thus, the door prevents the burglar from entering.

But Melih, doors can be kicked in!

Yes, they can, so continuing to get stronger doors isn’t much of a solution. This is why we should never rely on just one layer of security. The door to the house isn’t enough, so we install a burglar alarm. If he can get in, at least we can detect him – prevention plus detection, two layers. Let’s say he cuts your electric wires or manages to turn off the burglar alarm in another way (They make it look so easy on TV, don’t they?). He walks away with not only your computer, but your priceless stamp collection, too. This is why we have insurance, to recover the value of stolen items. Thus, insurance is the cure, the third layer in our layered approach. Stacking up these layers, in order, to protect the PCs in our homes, we have:

1. A door for prevention
2. A burglar alarm for detection, and
3. Insurance for the cure.

I thought you were going to tell us how to secure our PCs, not our homes, Melih!

I just did. The layered approach can be just as easily applied to our PCs. We use AV as our main source of defense, but is AV prevention? No, it’s detection, the veritable burglar alarm for a PC, but it must have the malware signature – the burglar’s mug shot – or it won’t sound the alarm. A new burglar, however, has a free pass, and no alarm goes off. This, my friends, is the infamous Zero Day attack, which our AV allows to happen. Now relax, AV devotees. I’m not saying AV is crap; I’m just pointing out its weaknesses, so calm down. With AV, our PC “house” has a burglar alarm but no door. Ridiculous, right? But that’s how it is! Some of us employ Firewalls too, but that’s also a form of detection, with a little prevention thrown in, if it’s a decent Firewall that doesn’t leak. If a firewall does leak, it lets the burglar (malware) take something out of the house or, in firewallspeak, make a call to the Internet with your sensitive information. A good firewall sounds an alarm in the form of a popup when this happens, and a really good firewall gives you advice on what to do next. You need both the AV and the firewall to detect someone coming in and things going out. So now our PC house has a decent burglar alarm (detection), but no door. Yikes!

Dude, where’s my door?
This is where we are challenged and need to change the model altogether. We are backwards when it comes to our default settings, but we can overcome this. Today, it’s fair to say that PCs are running with the “default: allow” function, which means they are allowing everything to run and hoping to catch the bad stuff before it executes. It’s more of a swinging gate than a door, and can’t really provide the prevention we seek.

So we should run with the “deny all” function and only allow the good stuff, right?

Bingo. With the “default: allow” in place, we operate on a system of “blacklisting”, blocking only the things that we know ahead of time are destructive. By reversing that and only granting entry to those names on the “whitelist”, we save ourselves the hassle of trying to figure out who’s good and who’s bad. If you aren’t on the list, you’re not coming in, period. Thus, we have a door, it’s solid, and it’s locked.

But Melih, who wants to deal with all the popups asking us if we trust ‘this or that’?

Frankly, no one, but why are we making the assumption that the whitelist database will be limited? It is feasible to create a very cogent whitelist security layer which will be virtually noise-free for the average user, and that is exactly what we are doing.

The days of going to bed without locking the front door are long past. PC security is, or should be, just as important as the security of our homes and personal belongings. We deserve to live our lives without the constant worry of burglary and vandalism, and only a layered approach will give us that peace of mind in regard to our computers.

Melih’s prediction: prevention will become the first line of defense!

thank you

Melih


