BLOG

The Internet of Things (IoT) demands the need to safeguard data between devices, sensors, and backend platforms connected within an IoT ecosystem.

Vulnerabilities, Requirements for Code Signing Certificate, Certification Authority Authorization (CAA) Standards

Public trust, private trust, or a combination of the two? What do the different options mean, and what are the considerations around each? In Part 1, we reviewed the concept of policy authorities and did a deep dive on public trust, talking about the benefits and drawbacks of that model. In Part 2, we conduct a similar deep dive on private trust and discuss public/private hybrid approaches that might benefit your organization.

As hubs of research, academia and culture, colleges have been targets of hackers on more than one occasion in the past few years. In 2014, one university reported a data breach that exposed the personally identifiable information of hundreds of thousands of students and staff, dating back to 1998.

In the past few years, financial institutions have started dealing with a new breed of robber, the cybercriminal. One prominent hack in February resulted in at least $80 million in losses, and brought the issue back into the limelight – and it may linger there for quite some time.

Whether you're running a massive, top-secret facility that houses NSA intelligence, you're a health care provider that relies on its data center for access to patients' medical records or you're a world-leading cloud provider, slacking on authentication is just about the dumbest thing you can do. Keep your organization's data – or your customers' data in the case of a cloud vendor – safe with smart, strong authentication.  

Looking Back at 2015 A number of new tactics proved 2015 was no exception to an active year defending against ever increasing security issues. Vendors found new and creative ways to provide vulnerabilities including the now popular man-in-the-middle (MitM) attacks. MitM as well as a host of other new vulnerabilities caused browsers to rethink their security requirements. This article gives a flashback of the exploits and industry changes from 2015 and looks ahead at the latest security requirements and how it impacts IT security teams

When it comes to ePassports, that's not a topic that is new to governments. In fact, it has been a subject of discussion - and action - for some time now. Back in 2012, the International Civil Aviation Organization (ICAO) put out a report stating that roughly half of U.N. member states were issuing ePassports. At the time, the U.S. was leading the pack in terms of ePassport offerings, but European countries and nations in the Asia-Pacific region were also gaining momentum as far as their own ePassport presence, according to SecureID News. 

Back in 1994, Entrust debuted the world's first commercially available public key infrastructure. In the more than 20 years since then, it's been refining and building on the technology. Over the past two decades, enterprise security needs have skyrocketed alongside the growth of connected technology. According to one report from last year, 94 percent of the organizations surveyed reported experiencing cybersecurity issues. These days, a single targeted attack can end up costing an enterprise millions of dollars - and it's not only big corporations and financial institutions that are targeted: From medicine and government entities to small and medium-sized companies, everyone is a target. Across the board, susceptibility to cybercrime has never been higher.

As of April 1st, 2015, the lifetime of SSL certificates has now been reduced to 39 months, in accordance with the CA/Browser Forum Baseline Requirements. Moving forward, consider using shorter life certificates. Even though the maximum validity period is now 39 months, you can drop this validity period to one or two years. Consider the validity period as the backstop to protecting your private key, your website, and your user’s data. But remember one important item, when you renew your certificate, please create a new private key.