How often should you rekey encrypted data?

The initial downtime taken to encrypt data is often one of the main stumbling blocks to deploying an encryption solution. As data sets move into the terabytes, the downtime associated with initial encryption can often exceed available maintenance windows. Solutions such as HyTrust DataControl alleviate these issues by allowing the applications to continue running while […]

Read More

HyTrust DataControl now provides full KMIP server capabilities

HyTrust and Cryptsoft recently announced that HyTrust are using Cryptsoft’s KMIP technology in our KeyControl encryption key management solution, which is part of our DataControl Cloud Encryption product. You can read the press release here: http://www.prnewswire.com/news-releases/hytrust-datacontrol-adopts-cryptsoft-kmip-technology-300280867.html So what is KMIP? There have been many attempts over the years to produce a key management standard allowing […]

Read More

What’s happening with OpenSSL?

I recently attended the 4th International Cryptographic Module Conference (ICMC) in Ottawa, Canada. Tim Hudson from CryptSoft gave a talk about the OpenSSL community, what’s changed given recent, widely publicized bugs such as Heartbleed and Poodle, and where the organization is going. There are 15 developers who are spread across 8 different countries. Only 2 […]

Read More

The password is dead! Long live the password!

Donald E. Malloy from LSExperts gave a fascinating talk at ICMC 2016 about passwords and technology that exists and is being developed to replace them. This blog covers some of the topics he covered together with my own analysis. As time goes by we continue to hear about major data breaches and end customers are […]

Read More

FIPS 140-2 Level 1 for HyTrust Encryption Solution

It is one thing to know you can do something, but it is a different thing to be certified and tested. While top security and performance have always been key to our product efforts, we haven’t always had the luxury of time and resources to take people off development efforts to pay necessary attention to […]

Read More

OpenSSL Security Flaws: Worries Continue

It doesn’t surprise me that we are seeing a number of new reported flaws in OpenSSL. After the Heartbleed bug was announced on April 7th, one thing we could guarantee was that all eyes would be on the OpenSSL source code scrutinizing it for issues. In an OpenSSL Security Advisory made today, six new vulnerabilities […]

Read More

The End of Open Source Encryption?

It’s been quite a year for news, and unsubstantiated rumors about military grade encryption systems being broken and decipherable by nation states. Last year we heard false claims from the Snowden affair about AES being broken. Just yesterday, we have one of the most bizarre announcements in the history of Open Source. The following text […]

Read More