Google researchers reported recently two major security flaws, Meltdown and Spectre, that could affect almost all computers, phones and servers and these vulnerabilities affect device’s microprocessors.
If you’re still using FTP or other consumer storage and transfer solutions for your business requirements, here are 3 reasons to switch to an secure modern solution such as a virtual data room. Remember when you discovered FTP (file transfer protocol) and you thought it was so advanced to be able to upload your data to cyber space? In the good old days before online security became a critical issue, FTP was the answer to transferring information, particularly large files. The problem is, FTP is 40 years old now, and that’s ancient in terms of information technology.
Several weeks ago it was discovered that a new vulnerability, which allows a downgrade attack against the TLS protocol itself called Logjam, which exploits EXPORT cryptography.
This vulnerability does not affect EthosData´s virtual data room. Our servers infrastructure and encryption communication does not allow to downgrade attacks as it have a strong 2048-bit encription key exchange parameters (Diffie-Hellman key exchange).
A group from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania published a deep analysis of the Diffie-Hellman algorithm as used in TLS and other protocols.
So, as we discussed, social engineering is usually the weakest link in document and IT security.
Our virtual dataroom clients frequently ask us for advice or best practices to fight social engineering. Here are the top 6 we tell them:
1.Protect Your Passwords
This sounds like a no-brainer, but it’s not as straightforward as it sounds. People regularly give out passwords without realizing it, for reasons such as receiving a text message from the “boss” saying he has forgotten his password and can’t access his information while in an important meeting. Make it a rule for no-one to disclose a password ever, under any circumstances whatsoever. If a password is mislaid, follow secure protocols for resetting it and creating a new one.
Social engineering is probably the biggest threat for your confidential information. We as dataroom providers spend a very significant amount of time making sure that our professionals are well versed in the tricks that can take down the most secure systems.
In the third of our posts about a robust security policy from a Virtual Data Room provider's perspective, let’s take a look at how you actually implement the policy. As in other posts in these series, we are sharing with you some of the learning/policies, that we have implemented in EthosData to manage our Dataroom business.
The hardest part of the process is often rolling it out to your organization and getting employees’ buy-in and commitment to comply with it. The best intentioned projects can fall flat when it comes to the implementation phases, so you need to plan this step carefully to ensure its success.
Recently we wrote about the importance of implementing basic security policies from a virtual data room perspective. We highlighted how to assess the risk and take a systematic approach to the things a robust data security plan needs to cover. All your efforts are worthless, however, if you don’t follow through by tracking compliance with the policy, keeping it updated as new risks present themselves and educating your employees on how best to use the policies they have.
Security of your critical business data is paramount no matter if you are running a high profile transaction through a Virtual Data Room or just running your normal business transaction on a daily basis. Companies, regardless of size, rely on critical business data in order to succeed and flourish.
Its Monday ! Here we are again to stress on the importance of Security and how a Virtual Data Room can protect and minimize potential threats to your confidential documents. The same ingenuity that brought us the technology of the information age brought us cybercrime – a new class of criminal activity that takes place entirely online. It includes security breaches, compromised intellectual property, identity theft and fraud. Business is particularly vulnerable to the Advanced Persistent Threat (APT) category of cybercrime.
What would the damage to your company be of such an attack? Safeguard your sensitive information by understanding how APTs work and how to protect yourself against them.
A virtual data room should provide 24/7 availability. Important transactions such as M&As and IPOs operate according to strict timetables, and delays can result in major problems and added expense for the parties involved. Any respectable virtual data room platform has to be designed to accommodate the fact that deals are done around the world and around the clock. . This means high availability is crucial, and asking the right questions when choosing a VDR service provider is key to ensuring that you get it.