Developing Mobile Apps? Ask Yourselves These Security Questions
Developing Secure Mobile Apps
Recent reports have surfaced about the significant rise in cyber attacks targeting mobile devices. The year 2014 alone saw a 500% growth in mobile software-based attacks. Many companies, consumers, and mobile developers are now left wondering, “How can I be sure my mobile apps and devices are secure?”
Data Security at our Core: A Layered Approach
Recently, the security of digital communication platforms has been under fire and questioned by many who are using these tools to talk with colleagues, friends and family. Here at Symphony, security is part of our DNA – and while no system is bullet proof, we know that any growing network will become a target for hackers. With security as the foundation of our platform, we plan to always stay one step ahead of our potential threats.
Security as the Foundation
The numerous (and public) security breaches in 2014 have clearly illustrated the need for everyone to improve their data security and privacy practices. Gigaom has even declared 2015 as “The Year of Encryption,” focusing on what companies such as Apple and Google are doing this year to make improvements. And finally, governments and businesses of all sizes are beginning to take action by improving their cybersecurity practices.
It Isn’t Always Good to Be Popular
According to SplashData’s annual list of the 25 most common passwords found on the Internet, “123456” maintains the top spot. And as the most popular, it’s also the worst!
Symphony and Security: What You Should Know
Symphony is built with security at its core. The content our enterprise customers exchange using our service is some of the most valuable information in the world, and we accept the responsibility to protect that data. To make this happen – while not making Symphony clunky and difficult to use – has taken focus and resolute commitment by our team.
One in Three Healthcare Customers Will Have Records Breached in 2016 – Are You Ready?
On a recent visit to a new doctor, I arrived the requisite 15 minutes early, expecting to be greeted with the usual clipboard of grainy photocopied forms to fill out.
Forward security: what it means, why you should care
Much has been said about Symphony’s layered security model, which couples end-to-end encryption with client-controlled key generation and storage. And of course, there is the debate about encrypted messaging currently occurring on the international stage. But what the team here talks a lot about is how we can build an adaptable system with the ability to recover from whatever the world throws at us.
Symphony: Making the Impossible a Reality
As the Chief Security Officer at Symphony, I occasionally overhear comments that the security model of Symphony is so powerful that the promises we’ve made are probably not achievable.
Humans, Still Our Greatest Security Challenge
You’ve seen it before: an email from your manager telling you take urgent action, file attached. Even if the project doesn’t ring a bell, it’s your boss telling you to do it, so everything’s in order right? Maybe not.
Symphony joins the EU-U.S. Privacy Shield framework
It’s June 2015.
Your company, PrivacyCo, has offices in the U.S. and the bulk of its clients are located in Europe. PrivacyCo routinely transmits employee personal data from Europe to the U.S. for storage, analysis — whatever is needed to get the job done.
Symphony and “Responsible Encryption”
The FBI has raised the alarm that cutting-edge encryption technologies enable criminals and terrorists to shield their wrongdoing from detection and investigation. To prevent wrongdoers from “going dark,” they have urged those who manufacture digital systems to engineer mechanisms to ensure law enforcement access to encrypted records.
Wrestling with GDPR Compliance?
The General Data Protection Regulation (GDPR) is a new data security and privacy regulation for enterprises conducting business in the European Union. It requires strengthening of controls on how enterprises protect, use, and share their customers’ data.
Do You Know Who has Access to Your Company’s Collaboration Data?
Your most widely used business tool – your collaboration platform – may be putting your business at risk. No one wants to experience a data breach. What is the cause of this risk?
Why Slack’s Customers Really Do Need End-to-End Encryption
Earlier this month, Slack’s CSO made public comments stating that its customers aren’t interested in end-to-end encryption, so it’s not a priority for the company. For a company which claims to be the platform "where work happens,” this decision to dismiss such a powerful tool to protect their customer data is concerning, especially when it comes from their top security executive.
Don’t be Slack on Security
It seems like Slack may finally be realizing the importance of security, despite their CSO’s recent public comments dismissing end-to-end encryption. While we found this comment puzzling, Slack’s quick backtracking is even more so.
So is security a priority for Slack, or is it not? Let’s take a look...
Slack Gets A Little More Security, But Is a Little More Enough?
As security and privacy become increasingly important concerns for businesses and consumers alike (see Facebook’s recent strategic pivot), it’s not surprising that collaboration vendors are busy adding new security measures to their products.
Case in point: on Monday, Slack announced GA of Enterprise Key Management (EKM), a feature which they pre-announced last September, and of which we wrote about in our blog at the time.
Slack’s blog post announcing EKM provides a bit more detail about the service, and directly calls out use cases for "high-regulated industries like financial services" in their messaging. Clearly, Slack is noticing that its service doesn’t cut it for large enterprises who are concerned about compliance or security. But let’s take a closer look at Slack’s EKM offering and what it does - and doesn’t - offer.