Posts Tagged Data Security

Linoma Software products are not affected by Heartbleed bug

Posted by on Wednesday, 9 April, 2014

Heartbleed bug graphic from heartbleed.comIf you are a Linoma Software customer using any of our products such as the GoAnywhere suite (Director, Services, Gateway, Open PGP Studio), Crypto Complete, Surveyor/400 or the RPG Toolbox, we are pleased to report that our products are NOT vulnerable to the Heartbleed bug.  

The CVE-2014-0160 exploit, or Heartbleed bug, has made big headlines over the last 48 hours. The Heartbleed bug exploits vulnerabilities in the popular OpenSSL server software potentially allowing the memory of SSL/TLS encrypted systems to be compromised. The bug essentially allows access to the memory of the SSL/TLS protected systems and attackers can potentially steal and read formerly encrypted information such as usernames and passwords, credit card numbers and other sensitive data.  To learn more about the Heartbleed bug please visit Heartbleed.com.  Additional resources allow you to check and see if your website or server is affected by the Heartbleed bug:  Heartbleed Test and LastPass Heartbleed Checker.

GoAnywhere Suite (Director, Services, Gateway, Open PGP Studio)
GoAnywhere does not use native libraries for SSL/TLS and relies on the JSSE libraries of the JVM that GoAnywhere is running on. This exploit does not exist in the JSSE implementation of SSL/TLS.  While Tomcat does, however, have the ability to utilize native SSL/TLS capabilities for its HTTP/S connections with the APR Connectors, GoAnywhere does not employ this functionality.
GoAnywhere Secure File Transfer mobile apps:
For Apple devices: The GoAnywhere Apple app uses the Secure Transport implementation of SSL/TLS and is not affected by Heartbleed.
For Android devices:  The GoAnywhere Android app uses the JSSE implementation of SSL/TLS and is not affected by Heartbleed.

Surveyor/400:
Surveyor/400 does not use native libraries for SSL/TLS and relies on the JSSE libraries of the JVM that Surveyor/400 is running on. This exploit does not exist in the JSSE implementation of SSL/TLS.

Crypto Complete:
Crypto Complete does not use SSL/TLS for Field or Backup encryption and is not affected by Heartbleed.

RPG Toolbox:  Our RPG toolbox does not use any encryption and is not affected by Heartbleed. 

IFS Files Can Be Automatically Encrypted
with Crypto Complete 3.3

Posted by on Tuesday, 24 September, 2013

Crypto Complete™, one of the most popular encryption solutions for the IBM i, just took things to a whole new level.  Version 3.3 now allows users to automatically encrypt files stored on the Integrated File System (IFS).

IFS Automatic Encryption“We don’t think there is any other solution out there that provides this feature,” said Ron Byrd, Senor Engineer for Crypto Complete.  “Based on feedback we were getting from our customers, it seemed like the obvious next step for us.”

Version 3.3 can automatically protect the contents of any sensitive IFS files including PDF documents, text files, Excel spreadsheets, binary objects and other graphics files.

Administrators can designate which folders should be encrypted, and from then on, Crypto Complete will automatically encrypt any new files or data as soon as they are added to those targeted IFS folders.

Encrypted files will then automatically decrypt when accessed by specifically authorized users or groups. Tracking who accesses files is carefully logged with detailed audit trails.

Find out more about the newest release of Crypto Complete in this official announcement.

Susan Baird

Susan is the Marketing Manager at Linoma Software, helping promote our secure file transfer and encryption solutions. Her specialty is content creation and social media marketing, and you can find out more about her by viewing her LinkedIn profile.

More Posts - Website - Twitter - Facebook

Data Breaches Threaten Companies Worldwide

Posted by on Monday, 15 July, 2013

As technology staffs contend with ongoing changes to the data distribution landscape, it is important to keep abreast of data security risks and to understand the significant importance of properly managing customer’s private data.

data breachThe Ponemon Institute recently released its annual data breach report which provides stats on data security issues and trends.  With more than 277 companies involved and 1400 individuals interviewed, this report provides a current and unique perspective of potential security risks associated with even the smallest data breach.

Below are highlights of the report which indicates data breaches remain a difficult challenge.

  • The report identifies three key causes of data breaches worldwide:
    • Malicious Attacks – 37%
    • Negligence – 35%
    • System Errors – 29%
  • The average per capita costs of a data breach increased to $136 per capita over the $130 per capita from the previous year.
  • The US had the highest total per incident cost of $5,403,644.
  • In 2013 the average number of breached records was 23,647
  • Healthcare, Financial and Pharmaceutical industries continue to be the top industries with the highest per capita costs incurred.

Ironically, the report noted that organizations that notified victims too soon following a data breach actually incurred higher costs. This is an indication that an incident management plan should be in place to properly mitigate the data breach event.

It’s clear, based on the data in this report, that companies need to look beyond technology solutions that secure systems and communications.  It is important that the human factors are considered like employee training and creating an incident management plan to provide a full proof data security strategy.

Take a look at the full 2013 Ponemon Institute Data Breach report for more information on the top reasons that data breaches occurred and ways to decrease the risks and costs associated with them.

For information on how your company can build a better strategy to avoid data breaches, download our free white paper “Defending Against Data Breach: Developing The Right Strategy for Data Encryption.”

 

Daniel Cheney

Daniel has been the IT Director at a healthcare company for the last 12 years and a longtime beneficiary of GoAnywhere Director and the IBM i platform. He is also a freelance writer for various technical and social media projects.

More Posts - Website

Linoma Posts Another Year of Record Growth

Posted by on Friday, 19 April, 2013

We’ve had lots of reasons to celebrate lately at Linoma Software, and here are just a few.

Sales Are Soaring

GoAnywhere, Crypto Complete, Surveyor 400, RPG ToolboxThanks in no small part to having well designed and executed products and a superior support team, our enthusiastic sales team spent 2012 shattering sales records, and have already topped themselves in the first quarter of 2013.  We’ve been able to help customers from virtually every industry, including healthcare, finance and banking, insurance, manufacturing, education, retail, and government, and as we hear back from them about how GoAnywhere or Crypto Complete or Surveyor or RPG Toolbox has made their lives easier and their data more secure, we can share their stories with others seeking an affordable, enterprise-level solution.

Trade Show Season Is In Full Swing

We’ve already met lots of new people — and reconnected with old friends — at the RPG Summit, RSA Conference, COMMON, and InfoSec in Orlando, and this weekend we’re exhibiting with HANDD Business Solutions, one of our partners in the UK, at InfoSec Europe.  Then, we’re first-time exhibitors at the FOSE government conference in Washington D.C. in May and then we’re back in Europe for the COMMON-Europe conference in June.

We’ve Launched a New Website

If you haven’t visited our new GoAnywhere.com website yet, you should check it out.  Our team worked very hard to redesign not only the look and feel, but also the navigation to make it easier for visitors to find what they need.  We hope you’ll take a look and let us know what you think.

GoAnywhere OpenPGP Studio is Now Available

Last month we published a free desktop tool that can encrypt and decrypt files using OpenPGP encryption.  It’s a great solution for those who need to occasionally encrypt files, and OpenPGP Studio also helps organize and manage keys.  You can download OpenPGP Studio for free here.

We’ve also added some new faces to our team and are working on some pretty cool software enhancements as well as our first mobile app, which should be available very soon.

As always, we welcome your ideas and your feedback, and if you’ve got a great story to share about how one of our products has helped you work more efficiently or kept your data better protected, let us know. We’d love to hear it!

 

 

Susan Baird

Susan is the Marketing Manager at Linoma Software, helping promote our secure file transfer and encryption solutions. Her specialty is content creation and social media marketing, and you can find out more about her by viewing her LinkedIn profile.

More Posts - Website - Twitter - Facebook

1.800.949.4696  |  sales@linomasoftware.com  |  privacy policy
Copyright ©1994 - 2012 Linoma Software  |  All rights reserved