Steve Pate, Author at HyTrust

Steve Pate

How often should you rekey encrypted data?

The initial downtime taken to encrypt data is often one of the main stumbling blocks to deploying an encryption solution. As data sets move into the terabytes, the downtime associated with initial encryption can often exceed available maintenance windows. Solutions such as HyTrust DataControl alleviate these issues by allowing the applications to continue running while […]

HyTrust DataControl now provides full KMIP server capabilities

HyTrust and Cryptsoft recently announced that HyTrust are using Cryptsoft’s KMIP technology in our KeyControl encryption key management solution, which is part of our DataControl Cloud Encryption product. You can read the press release here: http://www.prnewswire.com/news-releases/hytrust-datacontrol-adopts-cryptsoft-kmip-technology-300280867.html So what is KMIP? There have been many attempts over the years to produce a key management standard allowing […]

What’s happening with OpenSSL?

I recently attended the 4th International Cryptographic Module Conference (ICMC) in Ottawa, Canada. Tim Hudson from CryptSoft gave a talk about the OpenSSL community, what’s changed given recent, widely publicized bugs such as Heartbleed and Poodle, and where the organization is going. There are 15 developers who are spread across 8 different countries. Only 2 […]

The password is dead! Long live the password!

Donald E. Malloy from LSExperts gave a fascinating talk at ICMC 2016 about passwords and technology that exists and is being developed to replace them. This blog covers some of the topics he covered together with my own analysis. As time goes by we continue to hear about major data breaches and end customers are […]

FIPS 140-2 Level 1 for HyTrust Encryption Solution

It is one thing to know you can do something, but it is a different thing to be certified and tested. While top security and performance have always been key to our product efforts, we haven’t always had the luxury of time and resources to take people off development efforts to pay necessary attention to […]

OpenSSL Security Flaws: Worries Continue

It doesn’t surprise me that we are seeing a number of new reported flaws in OpenSSL. After the Heartbleed bug was announced on April 7th, one thing we could guarantee was that all eyes would be on the OpenSSL source code scrutinizing it for issues. In an OpenSSL Security Advisory made today, six new vulnerabilities […]

The End of Open Source Encryption?

It’s been quite a year for news, and unsubstantiated rumors about military grade encryption systems being broken and decipherable by nation states. Last year we heard false claims from the Snowden affair about AES being broken. Just yesterday, we have one of the most bizarre announcements in the history of Open Source. The following text […]

HyTrust products are not impacted by SSL Heartbleed

The OpenSSL project has recently announced a security vulnerability in the OpenSSL package known as “SSL Heartbleed,” affecting versions 1.0.1 and 1.0.2 (CVE-2014-0160). This is a flaw in the open-source OpenSSL cryptographic software library that could allow attackers to access the memory of servers using vulnerable versions of the OpenSSL library. If successfully exploited, this […]

Intel SGX Holds a lot of Promise for Secure Cloud Computing

If you’re like me, you may have missed an announcement from Intel for what could be a key piece to solving data security issues in the cloud. Last September Intel announced SGX (Software Guard Extensions) which will be available in processors in the near future. As the article says “At its root, Intel SGX is […]