Page 4«..3456..1020..»

Security Packages | High-Speed Internet | Windstream

Shield Lite

Security Suite provides protection against the latest threats 24/7, requiring no action on your part. Our software continually updates itself with new enhancements and upgrades delivered behind-the-scenes. Backed by renowned McAfee products, updates of any kind download faster. Our simple user interface is designed for ease of use.

Identity Theft Protection provides you with 24/7 credit monitoring and instant access to your credit report and credit score. It also provides you with SSN monitoring that alerts you when activities or changes take place using your Social Security Number. Our Identity Theft Protection also includes CyberGuard, which monitors known criminal websites for illegal trading of personal information. Other features include: change of address monitoring, non-credit loans monitoring, restoration services, and one million dollar insurance.

Online Data Backup keeps a copy of all of your most important files so you never lose them. It also allows you to share files with your family and friends and access and organize your files from anywhere.

Follow this link:
Security Packages | High-Speed Internet | Windstream

Read More..

Internet Security Lectures by Prabhaker Mateti

Internet Security Lectures by Prabhaker MatetiPrabhaker Mateti

Abstract:Data integrity and privacy on the Internet primarily rests on usingcryptography well. Unfortunately, it is easily compromised by errorsin (operating) system configuration. This lecture is a quick overviewof cryptography as relevant in Internet security and passwords.

Data integrity and privacy on the Internet primarily rests on usingcryptography well. The design and implementation of cryptographyrequires deep understanding of discrete mathematics and number theory.Unfortunately, when cryptography is deployed carelessly, it is easilycompromised by errors in (operating) system configuration. Thislecture is a quick overview of cryptography as relevant in Internetsecurity and passwords.

A cryptographic encryption algorithm, also known as cipher,transforms a “plain text” (e.g., humanreadable) pt and outputs cipher textct as the output,

so that it is possible to re-generate the pt fromthe ct through a companion decryption algorithm. Notethat we said “for example, human readable” and not”that is, human readable” as an explanation for the phrase”plain text”. Often, the so-called “plain text”is human un-readable binary data that is ready-to-be-used by acomputer.

Ciphers use keys together with plain text as the input to produce cipher text. It is in the key that the security of a modern cipher lies, not in the details of the algorithm.

Roughly speaking, computationally infeasible means that a certaincomputation that we are talking about takes way too long (hundreds ofyears) to compute using the fastest of (super)computers.

Suppose our key is a 128-bit number. There are

340,282,366,920,938,463,463,374,607,431,768,211,456

128-bit numbers starting from zero (i.e., 128 bits of 0). Torecover a particular key by brute force, one must, on average, searchhalf the key space:

170,141,183,460,469,231,731,687,303715,884,105,728.

If we use 1,000,000,000 machines that could try 1,000,000,000keys/sec, it would take all these machines longer than the universe aswe know it has existed to find the key.

This is not the same thing as saying that computationalinfeasibility is the same idea as Turing-incomputable. Nor is it thesame thing as saying that you cannot make a lucky guess, orheuristically arrive at a possible answer, and then systematicallyverify that the guessed answer is indeed the correct answer, all donewithin a matter of seconds on a lowly PC. Here is an example:Microsoft Windows NT uses the DES encryption algorithm in storing thepasswords. Brute-forcing such a scrambled password to compute theplain text password can take, according to Microsoft, “about abillion years.” But the L0pht team( http://www.l0pht.com) claims thatL0phtCrack breaks Windows passwords in about one week, running in thebackground on an old Pentium PC.

In the context of cryptography, the factorization of an arbitrarilylarge number N, into its constituent primes, determining the powersn2, n3, n5, n7, etc. of the primes, is computationally infeasible –as far as we know.

N = 2n2 * 3 n3* 5 n5 * 7 n7* …

Based on this, the decryption is computationally infeasible. Note thatthis is assuming that we are using known methods, including brute force.

Is it possible that some one or some country has actuallydiscovered fast algorithms, but chose to keep them secret, for these tasksthat we believe to be computationally infeasible?

A hash function maps input sequences of bytes into a fixed-lengthsequence. The fixed length is considerably shorter than thetypical length (thousands of bytes) of the input, and hence thefunction is a hash function.

The nature of all hash functions is that there must exist multipleinput sequences that map to the same hash. The inverse is amathematical relation, not a mathematical function. But, good hashfunctions have the following properties: It is hard to find twostrings, from the expected set of typically used strings, that wouldproduce the same hash value. A slight change in an input stringcauses the hash value to change drastically.

A “one way” hash function is designed to be computationallyinfeasible to reverse the process, that is, to algorithmicallydiscover a string that hashes to a given value.

One-way hashfunctions are also known as message digests (MD), fingerprints, orcompression functions. The most popular one-way hash algorithms areMD4 and MD5 (both producing a 128-bit hash value), and SHA, also knownas SHA1 (producing a 160-bit hash value).

As of 2006, both MD5 and SHA1 are considered separately broken. Thatis, given plain text p, it is possible to modify p to a desired p’ sothat md5(p) == md5(p’); similarly, for SHA1. What is not known is ifwe can modify p to a p’ so that md5(p) == md5(p’) and sha1(p)== sha1(p’).

Symmetric-key cryptography is an encryption system in which thesender and receiver of a message share a single, common key to encryptand decrypt the message. Symmetric-key systems are simpler andfaster, but their main drawback is that the two parties must somehowexchange the key in a secure way. Symmetric-key cryptography issometimes also called secret-key cryptography.

If ct = encryption (pt, key), then pt = decryption (ct, key).

The most popular symmetric-key system is the DES, short for DataEncryption Standard. DES was developed in 1975 andstandardized by ANSI in 1981 as ANSI X.3.92. DES encrypts data in64-bit blocks using a 56-bit key. The algorithm transforms theinput in a series of steps into a 64-bit output.

IDEA (International Data Encryption Algorithm) is a block cipherwhich uses a 128-bit length key to encrypt successive 64-bit blocks ofplain text. The procedure is quite complicated using subkeys generatedfrom the key to carry out a series of modular arithmetic and XORoperations on segments of the 64-bit plaintext block. The encryptionscheme uses a total of fifty-two 16-bit subkeys.

Blowfish is a symmetric block cipher that can be used as a drop-inreplacement for DES or IDEA. It takes a variable-length key, from 32bits to 448 bits, making it ideal for both domestic and exportableuse. Blowfish is unpatented and license-free, and is availablefree for all uses.

Public key cryptography uses two keys — a public key knownto everyone, and a private or secret key that is safeguarded. Public key cryptography was invented in 1976 by WhitfieldDiffie and Martin Hellman. For this reason, it is sometimes alsocalled Diffie-Hellman encryption. It is also calledasymmetric encryption because it uses two keys instead of one key. The two keys are mathematically related, yet it is computationally infeasible to deduce one from the other.

Unfortunately, public-key cryptography is about 1000 times slowerthan symmetric key cryptography.

The most well-known of the public-key encryption algorithms is RSA, named after its designers Rivest, Shamir, and Adelman. The un-breakability of the algorithm is based on the fact that there is no efficient way to factor very large numbers into their primes.

An example of the above numbers: rsa.txt. Look up the man page: openssl(1).

The e and d are symmetric in that using either ((n,e) or (n,d)) as the encryption key, the other can be used as the decryption key.

The only way known to find d is to know p and q. If the number n is small, p and q are easy todiscover by prime factorization. Thus, p and q are chosen to be as large as possible,say, a few hundred digits long. Obviously, p and qshould never be revealed, preferably destroyed.

Encryption isdone as follows. Consider the entire message to be encrypted asa sequence of bits. Suppose the length of n in bits is b. Split the message into blocks of length b or b-1. A block viewedas a b-bit number should be less than n; if it is not, choose it to beb-1 bits long. Each block is separately encrypted, and theencryption of the entire message is the catenation of the encryptionof the blocks. Let m stand for a block viewed as a number. Multiply m with itself e times, and take the modulo n result as c,which is the encryption of m. That is, c = m^emod n.

Decryption is the “inverse” operation: m = c^dmod n.

The Digital Signature Algorithm (DSA) is a United States Federal Government standard for digital signatures.

An example of the above numbers: dsa.txt.Look up the man page: openssl(1).

Public-key systems, such as Pretty Good Privacy (PGP), are popular for transmitting information via the Internet. They are extremely secure and relatively simple to use. You need to retrieve the recipient’s public key from one of several world-wide registries of public keys that now exist to encrypt a message.

When John wants to send a secure message to Jane, he uses Jane’s public key to encrypt the message. Jane then uses her private key to decrypt it.

In real-world implementations, public keys are rarely used to encrypt actual messages because public-key cryptography is slow. Instead, public-key cryptography is used to distribute symmetric keys, which are then used to encrypt and decrypt actual messages, as follows:

A digital signature is a way to authenticate to a recipient that a received object is indeed that of the sender.

The public key-based communication between Alice and Bob described above is vulnerable to a man-in-the-middle attack.

Let us assume that Mallory, a cracker, not only can listen to thetraffic between Alice and Bob, but also can modify, delete, andsubstitute Alice’s and Bob’s messages, as well as introduce newones. Mallory can impersonate Alice when talking to Bob andimpersonate Bob when talking to Alice. Here is how the attackworks.

A man-in-the-middle attack works because Alice and Bob have no wayto verify they are talking to each other. An independent third partythat everyone trusts is needed to foil the attack. This third partycould bundle the name “Bob” with Bob’s public key and signthe package with its own private key. When Alice receives the signedpublic key from Bob, she can verify the third party’s signature. Thisway she knows that the public key really belongs to Bob, and notMallory.

A package containing a person’s name (and possibly some otherinformation such as an E-mail address and company name) and his publickey and signed by a trusted third party is called a digital certificate (ordigital ID). An independent third party that everyone trusts, whoseresponsibility is to issue certificates, is called a CertificationAuthority (CA). A digital certificate serves two purposes. First, itprovides a cryptographic key that allows another party to encryptinformation for the certificate’s owner. Second, it provides a measureof proof that the holder of the certificate is who they claim to be -because otherwise, they will not be able to decrypt any informationthat was encrypted using the key in the certificate.

The recipient of an encrypted message uses the CA’s public key todecode the digital certificate attached to the message, verifies it asissued by the CA and then obtains the sender’s public key andidentification information held within the certificate. With thisinformation, the recipient can send an encrypted reply.

The most widely used standard for digital certificates is X.509,which defines the following structure for public-key certificates:

You can obtain a personal certificate from companies likeverisign.com or comodo.com.

The Web.

View post:
Internet Security Lectures by Prabhaker Mateti

Read More..

Vipre Internet Security 2016 Free Download – Softlay

Vipre internet security 2016 free download latest version for windows xp/7/8/10. Get offline standalone setup of Vipre internet security 2016 for windows 32-64 bit PC. Award wining Vipre combines with antivirus and anti spyware technologies, and other advanced features protect, & wont let slow down your computer.

Protect yourself from all kind of potential threats such as Trojans, malware, Spam, Spyware & cyber-crime. Vipre internet security software 2016 is handy tool which protects your PC against threats. Its antivirus and firewall software for PC users. The installation process is easy it has intuitive user interface. Virpe consumes less system resources while scanning for threats and viruses on your computer, keeping your PC fast for routine tasks.

Real time protection feature of Vipre watches for threats. It also safeguard you while browsing online, checking for the link that may harm your computer. It also block all malicious websites on your computer. You can also scans removable drives from vipre internet security 2016 before connecting to your PC. Social watch feature scan for all bad links on your Facebook account that could harm your PC with malware, spyware, Trojans etc. Protecting yourself from email threats, it scans internet security threats in Outlook, Outlook Express, Windows Mail, and any email program using POP3 and SMTP.

Below are the key features of Vipre 2016 internet security software.

Below are the minimum system requirements for Internet security software 2016.

Excerpt from:
Vipre Internet Security 2016 Free Download – Softlay

Read More..

What is cloud computing? – LinkedIn

Course Transcript

– [Instructor] Before we can begin to explore the cloud including strategies for migrating to the cloud, and cloud tools to consider, we should understand what the cloud really is, so let’s begin with a quick overview of the cloud, then what cloud computing means. The label cloud computing is really a metaphor for the internet. If you’ve ever looked at a network diagram, the internet portion of that network is typically represented by a cloud graphic. Also important to consider, the cloud in a diagram like this will typically represent the part of the solution that is someone else’s concern, and that is what cloud computing’s all about. By leaving a good chunk of the networking solution in someone else’s hands, a person or a business can cut operational costs dramatically while allowing them or their IT departments to concentrate on strategy as opposed to maintaining the data center. But these days it would be overly simplistic to equate cloud computing to the internet. A person or a business might choose to access applications that reside at a location other than their own computers or servers. Think Microsoft Office for example. This would eliminate the need to install applications locally on every computer at home or at the office, and when an update or even upgrade becomes available, there’s no work to be done at your end, because someone else is hosting those applications and the updates are completed by them, not you. They handle it all including the cost of the servers that host those applications. Of course data storage has become a big piece in the cloud computing puzzle as well. With some or all of your data stored in the cloud, you can cut capital expenditures since you won’t need to buy the equipment needed to store everything. Think of all those photos on your tablet as a personal example. And, one of the biggest advantages to the cloud is the ability to access your applications, and your data from anywhere, on any device that connects to the internet. Users simply login from wherever they are to use their applications, and access their data. No more copying files and transferring them to multiple devices. This is great for sharing and collaborating on files too. Of course with anything IT-related, there are also going to be cons and that goes for cloud computing too, and internet outage can be an issue in cloud computing, cutting off access to your applications and data, preventing you from getting your work done. Sometimes the problem can be with the site you’re accessing. If they’re having issues, and it does happen, you’re once again out of luck trying to get at your applications and your data. Might be rare, but it’s a real possibility to consider, and in some scenarios if your company deals with sensitive or proprietary data, it may be necessary to store that data or run that application locally or internally, and not on someone else’s machines. Healthcare organizations come to mind, in the sense of the patient data they deal with. So that’s a high-level look at cloud computing, including some of the pros and cons. In most business scenarios, you will see cloud computing as an important piece of an overall networking strategy, and not the only solution.

Go here to read the rest:
What is cloud computing? – LinkedIn

Read More..

Types of Encryption | Office of Information Technology

Whole disk

Whole disk encryption, as the name implies, refers to the encryption of an entire physical or logical disk. While this is currently done mostly with software, hardware based disk encryption is a growing technology which is expected to surpass software products for whole disk encryption over the next few years. This form of encryption generally encrypts the entire contents of a disk or volume and decrypts/encrypts it during use after a key has been given. This means the data is protected from situations like laptop/disk loss or theft where the data would be encrypted and require a key to decrypt. It would not protect from situations like sending information over the network (e-mail, websites, etc) or from situations where the decryption key was already entered such as the user walking away from their logged-in computer.

When an individual wishes to encrypt a single file or group of files there are several options. Most encryption software has the ability to encrypt files individually using a password or other key. Many encryption programs have the ability to create an encrypted “virtual drive”. This is an encrypted file that, when opened with the key, looks like another drive attached to the computer allowing the user to easily open and save files into an encrypted area. Some other applications, like MS Office and OpenOffice, have built-in, single-file encryption features.

This approach can protect against data disclosure on a lost or stolen computer, but only if all of the private information was encrypted. Individual file/folder encryption relies on user education and good practices to ensure that all appropriate information is encrypted.

Depending on how the encryption software is used, this approach can provide protection from data disclosure when transferring information over the network. E.g. an individual file can be encrypted and then sent as an email attachment, assuming the recipient has the ability to decrypt it.

Allowing multiple users to simultaneously access encrypted information is more complicated than a single user. The encryption software must allow the use of either multiple keys (i.e. one for each user) or a shared key (e.g. a shared password). Additionally, the software must deal with multi-user file locking issues (this is usually a problem with the virtual drive approach mentioned in the last section).

This approach can provide an additional layer of protection against the disclosure of highly confidential data on file servers in the event they are compromised. It can also help protect against disclosure on backup media as the files would remain encrypted when backed up.

This approach can get complicated if not all users have the encryption software installed, or they are not configured consistently. This could lead users being unable to access encrypted information or incorrectly believing they have encrypted information when they have not. For these reasons, special attention should be paid to how encryption software behaves and users should be educated to recognize the encryption status of files.

Encrypting information in a database can be done at a couple of levels. The application accessing the database can encrypt information before putting it into the database. This requires intelligence at the application level, but no additional database features. Many databases have built-in encryption functions which applications can use to encrypt data as it is written. This usually requires features at both the application and database level. An encryption application can sit between the application and database, encrypting/decrypting information as it is written and read. This requires buying and installing additional software, but may not require modifications to the application or database.

As mentioned earlier, some applications that arent specifically designed for encryption do have basic encryption functions. Most notably, common productivity suites like Microsoft Office and OpenOffice contain file encryption features. Be cautious of the quality of the built-in encryption features, even within the Microsoft Office product line, some versions (like Office 2007) have a good mechanism, others have poor ones (like Office 2000 and earlier) and still others require proper configuration to provide good protection (like Office 2003). These features can be very handy because they dont require additional licenses, require less training and can be effective for both in transit and at rest encryption. Additionally, they can work well for file exchange since the recipient is more likely to have the ability to decrypt the file. In short, built-in encryption functions can be convenient options, but you should research their effectiveness before using them.

There are a couple of different levels to encryption with email, first is encrypting just an attached file and second is encrypting an entire message. Encrypting an attached file can be accomplished using any single-file encryption process that “sticks” to the file. Naturally, the recipient must have a way of decrypting the file. There are only a couple of commonly used email message encryption technologies, most notably S/MIME and PGP. While S/MIME support is integrated into many email clients, it requires users to have trusted certificates which can be complicated to properly deploy. Using PGP to encrypt email requires installing software, but there are both free and commercial options.

Both of these technologies also allow for digital “signing” of email without encrypting it. This signing process allows the recipient to be certain a message was not altered in transit, but does not protect the content from prying eyes.

Encrypting information while in transit on a network is one of the most common, and important, uses of encryption. One of the most popular forms of this encryption is Secure Sockets Layer (SSL)/Transport Layer Security (TLS), commonly used to encrypt web traffic in transit. Any web application that transmits or collects sensitive information should encrypt the information using SSL/TLS. There are a number of other uses for SSL/TLS encryption, including securing authentication for email communication between clients and servers. SSL/TLS can also be used for “tunneling” to encrypt other forms of network transmission that dont have their own encryption features.

Another common network encryption technology is Secure Shell (SSH) which is largely used for encrypted terminal connections (replacing telnet) and encrypted file transfers (SFTP replacing FTP). Like SSL/TLS, SSH can also be used for tunneling.

A more general form of network traffic encryption is IP Security (IPSec), which operates at a more basic layer than SSL or SSH and can be applied to any network traffic. However, using IPSec requires common configuration between the two computers communicating, so it is generally used within a company/department rather than across the internet.

For wireless networks there are other encryption options that only encrypt information between the computer and the wireless access point. For this reason, they only protect from snooping on wireless and not after the information leaves the access point onto a wired network. The two most common forms are called Wired Equivalent Privacy (WEP) and WiFI Protected Access (WPA). WEP is no longer considered a secure protocol. WPA is much stronger, but has shortcomings and an updated WPA2 standard has been released which improves its security.

Read more from the original source:
Types of Encryption | Office of Information Technology

Read More..

Internet security software Reviews 2018 – Compared & Reviewed

Internet security software combines a number of important security functions into a single package. It will monitor for problems and threats as you use the internet, blocking or warning you of suspect links and watching your computer for unexpected or unauthorized changes.

A good internet security software package will include these security components:

Internet security software doesnt just keep you protected from the most harmful online threats. It also provides an excellent line of defense against less dangerous but often more annoying problems like unexpected pop-up adverts, website redirection (when you expect one website but are shown another) and unwanted software which can slow your computer to a crawl.

Internet security software is essential because its hard to steer clear of online threats – even if you only use big-name websites and never open emails from people you dont know.

With a good internet security package running constantly on your computer, you can get on with using the internet, without having to watch your back. The software does that for you.

Parental control functions also give you confidence that other people using your computer particularly children and young people are prevented from accidentally viewing harmful or inappropriate websites.

Continue reading here:
Internet security software Reviews 2018 – Compared & Reviewed

Read More..

Exhibit A – Internet Security Requirements

Equifax has a duty to protect the confidentiality and security of any consumer report or other nonpublic consumer information (“Consumer Information”) it provides to its Clients. In addition, Equifax seeks to protect its proprietary information including subscriber codes, account information, and all other nonpublic business information (“Proprietary Information”) (Consumer Information and Proprietary Information being referred to cumulatively as “Equifax Information”). In order to discharge these responsibilities, Equifax must obtain from its Clients appropriate information on systems, applications, processes, and entities involved in the transmission of Equifax Information. Equifax requires a description of the intended use, resale, or transmission of the Consumer Information by a Client. This document sets forth the policies and requirements of Equifax for Clients to access, obtain, repackage, and distribute Equifax Information over the Internet. These requirements are in addition to standard Equifax contractual terms and conditions.

Governs only the access of Equifax information through Equifax’s managed portal, ePORT.

Governs only the access of information through the URL https://www.eport.equifax.com.

Covers only access via a browser such as Microsoft’s Internet Explorer or Netscape Navigator . Access of ePORT by screen-scraping or other automated system is not covered by this agreement. A separate agreement must be executed if access is through other than an Internet browser.

All Proprietary Information, including Equifax subscriber codes and security digits must be protected from unauthorized use. If Proprietary Information must be communicated by Client to an Intermediary for purposes of the transmission of Consumer Information to an End-User, the Intermediary must safeguard this Information and observe these Internet Security requirements.

All Equifax Information must be encrypted as it is transmitted over the Internet. A minimum of 128-bit key encryption is required.

Equifax Information must also be protected when stored on servers, subject to the following requirements:

Servers storing Equifax Information must be separated from the Internet or other public networks by firewall or other comparable methods;

Equifax Information must not be stored on a server that can be accessed by TCP services directly from the Internet and should not be referenced in domain name services (DNS) tables;

Secure access (both physical and network) to servers storing Equifax Information, must include authentication and passwords that are changed at least every 90 days;

All servers must be kept current with appropriate security-specific system patches, as they are available.

Consumer Information shall not be shared with, or accessed by, any person other than an End-User or permitted Intermediary, and all transmission and/or storage of Consumer Information shall be subject to all of the terms and conditions stated in these Internet Security Requirements. The Client is responsible for ensuring that the Intermediary meets these Internet Security requirements.

All Proprietary Information, including Equifax subscriber codes and security digits must be protected from unauthorized use. If Proprietary Information must be communicated by Client to an Intermediary for purposes of the transmission of Consumer Information to an End-User, the Intermediary must safeguard this Information and observe these Internet Security requirements.

All Equifax Information, including Proprietary Information and Consumer Information, shall only be shared by Client with an End-User who has been authenticated by strong authentication methodology.

When Consumer Information is accessed by an End-User, the specific individual with access to the Information must be identified, each access shall be logged, and a record of this access shall be maintained for at least three (3) months.

The Client agrees to comply with these Internet Security Requirements at all times.

A breach of security or other circumstance which causes or may have caused or allowed, access to Equifax Information by unauthorized persons or systems, whether intentional, fraudulent, or accidental, must be reported to Equifax as soon as possible and, in any case, not later than one (1) business day after discovery.

The Client shall assume all liability for the use and/or resale of Consumer Information and its delivery via the Internet, and shall hold Equifax harmless from all such liability.

Equifax must approve, in writing, any variance from these Internet Security Requirements.

Equifax retains the right to update or modify, from time to time, these Internet Security Requirements. If Equifax updates or modifies these Internet Security Requirements, Equifax will require that the Client conform its systems, applications, processes or procedures to comply with the update or modification within a reasonable time period, having regard to all relevant security and legal concerns, as may be determined in the discretion of the Equifax Group Executive, reasonably exercised.

Disclaimer

Compliance by the Client with these Internet Security Requirements shall not relieve the Client of the obligation to observe any other or further contractual, legal, or regulatory requirements, rules or terms, nor shall Equifax’s review or approval of any of Client’s systems, applications, processes, or procedures constitute or be deemed to constitute the assumption by Equifax of any responsibility or liability for compliance by the Client with any contractual, legal, or regulatory requirements, rules, or terms. Client shall remain solely responsible for the security of its system, the security of all Equifax Information received by it from Equifax, and for any breach of that security. Equifax retains the right, in its sole discretion, to withhold approval of Internet access to Equifax Information for any reason. Equifax may suspend or terminate access to the Equifax Information at any time if Equifax has reason to believe that Client, an Intermediary, or a business End-User has violated any of these Internet Security Requirements or any contractual, legal, or regulatory requirements, rules or terms.

(Rev 01/05/2007)

Read the original:
Exhibit A – Internet Security Requirements

Read More..

CIS Benchmarks – Center for Internet Security

With our global community of cybersecurity experts, weve developed CIS Benchmarks: 100+ configuration guidelines for various technology groups to safeguard systems against todays evolving cyber threats.

– Indicates the most recent version of a CIS Benchmark. – Indicates older content still available for download.

CIS Benchmark for Apple macOS 10.13

CIS Benchmark

Free Download

CIS Benchmark for Apple macOS 10.12

CIS Benchmark

Free Download

CIS Benchmarks for Apple OSX 10.9

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmarks for Apple OSX 10.8

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark for Apple OSX 10.12

CIS Benchmark

Free Download

CIS Benchmarks for Apple OSX 10.11

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmarks for Apple OSX 10.10

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark

Free Download

– Indicates the most recent version of a CIS Benchmark. – Indicates older content still available for download.

CIS Benchmark for Apple iOS 12

CIS Benchmark

Free Download

CIS Benchmark for Apple iOS 9

CIS Benchmark

Free Download

CIS Benchmark for Apple iOS 8

CIS Benchmark

Free Download

CIS Benchmarks for Apple iOS 7

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark for Apple iOS 6

CIS Benchmark

Free Download

CIS Benchmark for Apple iOS 11

CIS Benchmark

Free Download

CIS Benchmarks for Apple iOS 10

CIS Benchmark

Free Download

CIS Benchmark

Free Download

– Indicates the most recent version of a CIS Benchmark. – Indicates older content still available for download.

CIS Benchmarks for Microsoft Office 2016

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark for Microsoft Word 2013

CIS Benchmark

Free Download

CIS Benchmark for Microsoft PowerPoint 2013

CIS Benchmark

Free Download

CIS Benchmark for Microsoft Outlook 2013

CIS Benchmark

Free Download

CIS Benchmark for Microsoft Outlook 2010

CIS Benchmark

Free Download

CIS Benchmarks for Microsoft Office Word 2016

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark for Microsoft Office Word 2013

CIS Benchmark

Free Download

CIS Benchmarks for Microsoft Office PowerPoint 2016

CIS Benchmark

Free Download

CIS Benchmark

Free Download

CIS Benchmark for Microsoft Office PowerPoint 2013

CIS Benchmark

Read the rest here:
CIS Benchmarks – Center for Internet Security

Read More..

What is Cloud Storage,How Does It Work,Its Benefits & Uses …

Posted by: William on December 7, 2012 Under: Cloud Storage |

The information technology industry sometimes gets ahead of itself. This is the case when it comes to Cloud Storage. This technology was introduced and a lot of discussion surrounded its introduction. However, the technology industry moved on before it was truly introduced. Many IT professionals are still asking What is Cloud Storage?

Cloud Storage can mean different things to IT specialists, depending on how that specialist implements this technology. Public Cloud is the most common way of inplementation. It means storage capacity which can be access through a public network, like the Internet, or WAN (Wide Area Network). Internet users have the capability of expanding the amount of data Cloud Storage can hold without any limitations, but may require you to contact the service provider.

A Cloud Storage provider generally operates a storage infrastructure, many times in locations that are dispersed. Because storage can be expanded without limit, most people think that these providers have a large infrastructure. Many developers have stayed focused on how easy Cloud Storage is to manage and scalability. Grid architecture has Cloud Storage made with a host of individual servers, then tied together, which acts as a single storage center or manageable point.

This can be done in two different formats: loosely coupled or tightly coupled. Loosely coupled formats are tied together by a file storage that is global with storage features being executed individually. Tightly coupled formats are storage areas that are similar which are combined together to form one file system, or storage area.

Simply put, Cloud Storage is a way of backing up, managing and maintaining data which can be accessed by many users over one network, like the Internet. This access can be done anywhere in the world and shared with every authorized Internet user.

Cloud Storage can offer individuals and small companies an inexpensive data storage facility without the cost of purchasing their own servers. The data is stored off-site and properly secured, which is required by many small companies, as well as individual business people. The service offers everyone that subscribes to a provider with instant access to all their data from anywhere and at anytime. It also allows several people to share the same data from anywhere at anytime. This data storage has no limitations, which is found with individual servers.

Since individual data storage servers requires a lot of space, you save the cost of a larger work space and lets you use that area for a growing business, instead of the growing amount of data you will accumulate. Instead of paying for more servers to hold your every-increasing data and then paying for more space to install those personal servers, you can pay a Cloud Storage provider less funds for an unlimited storage area. This is a long-term fix for all your data storage needs.

One other benefit of Cloud Storage is that it can be provided with just as much security features as your personal data servers can provide and, sometimes, even more security features. You can limit the people that are authorized to access your Cloud Storage data or make that completely public, but you control that access. Even though there have been attempts to break into Cloud Storage providers, you hear more about stolen information from private servers. The technology that Cloud Storage providers use to secure their centers and servers is continually being developed to protect their members. This means that these services continue to improve their security technology to enhance the protection or your data.

Since Cloud Storage is still considered a new technology, there will always be discussions about the problems found with this service. However, no one can say that the benefits do not outweight the problems. You save on equipment, storage space and can have secured access whenever you want from anywhere in the world, so can your employees.

There are many ways of using Cloud Storage by individuals or businesses, whether you choose to use private or public cloud storage. You can increase the storage area of you own servers by placing a large chunk of archived data into a Cloud Storage provider. This will increase the space you may require to update your current applications or software.

Next way to use Cloud Storage is to back up any data (movies, pictures, videos, documents, etc.). This comes in handy when your equipment fails, gets hacked or you pick up a virus that prevents you from accessing your equipment. Instead, you can go get new computers and then go online and access all your data without a problem of losing anything. Everything is secure and safely stored.

You can allow access to clients or employees around the world, which is safer than sending that data through the worldwide web. Many times people will send an email and the recipient never receives the email. Then both are left wondering if you really took the time to do what you said. With Cloud Storage, you can upload the data, or files, then share it with the people you want. They can then go online to the Cloud Storage provider and retrieve the data themselves when they are ready. This makes everything more convenient and that data will remain in the cloud storage servers until you delete it personally.

Many other Internet users and businesses are using Cloud Storage providers for security reasons. Many providers are constantly improving their security features which protects your data. This makes your data more secure than you could actually provide without paying a lot of money in software. The provider can also prevent viruses from corrupting your data, since it is an encrypted data storage center. Since the service protects this data by encrypting the site, your files will never be susceptible to any viruses, including the news ones that always seem to come out.

Cloud Storage is not as complicated as many people may think. In fact, it is one of the safest ways to share, store, back up and access information that is required. For example, if you have information on your home computer, but are out of the office, you can use Cloud Storage and access that same information from any system while traveling because it was uploaded to that providers service center. This comes in handy when your ISP is out and you cannot get on your home system remotely.

You can use Cloud Storage for different reasons, but you will save space, money and secure your information better through a provider. This only makes communicating easier.

Here is the list of Top 10 Cloud Storage Providers that we recommend you.

VN:D [1.9.22_1171]

Rating: 5.7/10 (11 votes cast)

What is Cloud Storage,How Does It Work,Its Benefits & Uses Explained?, 5.7 out of 10 based on 11 ratings

See more here:
What is Cloud Storage,How Does It Work,Its Benefits & Uses …

Read More..

Use Your own Encryption Keys with S3s Server-Side …

Amazon S3 stores trillions of objects and processes more than a million requests per second for them.

As the number of use cases for S3 has grown, so have the requests for additional ways to protect data in motion (as it travels to and from S3) and at rest (while it is stored). The first requirement is met by the use of SSL, which has been supported by S3 from the very beginning. There are several options for the protection of data at rest. First, users of the AWS SDKs for Ruby and Java can also use client-side encryption to encrypt data before it leaves the client environment. Second, any S3 user can opt to use server-side encryption.

Today we are enhancing S3s support for server-side encryption by giving you the option to provide your own keys. You now have a choice you can use the existing server-side encryption model and let AWS manage your keys, or you can manage your own keys and benefit from all of the other advantages offered by server-side encryption.

You now have the option to store data in S3 using keys that you manage, without having to build, maintain, and scale your own client-side encryption fleet, as many of our customers have done in the past.

Use Your KeysThis new feature is accessible via the S3 APIs and is very easy to use. You simply supply your encryption key as part of a PUT and S3 will take care of the rest. It will use your key to apply AES-256 encryption to your data, compute a one-way hash (checksum) of the key, and then expeditiously remove the key from memory. It will return the checksum as part of the response, and will also store the checksum with the object. Heres the flow:

Later, when you need the object, you simply supply the same key as part of a GET. S3 will decrypt the object (after verifying that the stored checksum matches that of the supplied key) and return the decrypted object, once again taking care to expeditiously remove the key from memory.

Key ManagementIn between, it is up to you to manage your encryption keys and to make sure that you know which keys were used to encrypt each object. You can store your keys on-premises or you can use AWS Cloud HSM, which uses dedicated hardware to help you to meet corporate, contractual and regulatory compliance requirements for data security.

If you enable S3s versioning feature and store multiple versions of an object, you are responsible for tracking the relationship between objects, object versions, and keys so that you can supply the proper key when the time comes to decrypt a particular version of an object. Similarly, if you use S3s Lifecycle rules to arrange for an eventual transition to Glacier, you must first restore the object to S3 and then retrieve the object using the key that was used to encrypt it.

If you need to change the key associated with an object, you can invoke S3s COPY operation, passing in the old and the new keys as parameters. Youll want to mirror this change within your key management system, of course!

Ready to EncryptThis feature is available now and you can start using it today. There is no extra charge for encryption, and theres no observable effect on PUT or GET performance. To learn more, read the documentation on Server Side Encryption With Customer Keys.

Jeff;

View original post here:
Use Your own Encryption Keys with S3s Server-Side …

Read More..