Skyhigh Networks Raises $20M For Service That Discovers, Analyzes And Controls Apps Employees Use
Skyhigh Networks discovers,manages and analyzes data from all the apps that people use at work. Today the company raised $20 million in a Series B round led by Sequoia Capital with participation from existing investor Greylock Partners. Skyhigh discovers, analyzes and controls the cloud services that a customer’s employee uses. It sees the cloud services customers use and all the associated security issues associated with it. It analyzes the services to find the abnormalities and ways the company can save costs on subscriptions. It also adds an element of control by enforcing IT policies. The difference for Skyhigh is in the fine grain controls. When it finds abnormalities it can provide encryption, access control and other security features. The discover is based on existing logs and data from proxy and doing analytics. It has a registry of 2,600 services with 500 added every six weeks. For each service they create an independent score across 30 criteria. For the analysis the company ...
abnormalities
byod
devices
difference
elements
encryption
greylock partners
hadoop
intersection
million
movement
participation
policy
raises
security
sequoia
service
skyhigh
splunk
subscription
IBM Researchers Open Source Homomorphic Crypto Library
mikejuk writes with news of an advancement for homomorphic encryption and open source: "To be fully homomorphic the code has to be such that a third party can add and multiply numbers that it contains without needing to decrypt it. In other words they can change the data by working with just the encrypted version. This may sound like magic but a fully homomorphic scheme was invented in 2009 by Craig Gentry. This was a step in the right direction but the problem was that it is very inefficient and computationally intensive. Since then there have been a number of improvements that make the scheme practical in the right situations Now Victor Shoup and Shai Halevi of the IBM T J Watson Research Center have released an open source (GPL) C++ library, HElib, as a Github project. The code is said to incorporate many optimizations to make the encryption run faster. Homomorphic encryption has the potential to revolutionize security by allowing operations on data without the need to decrypt it."
advancement
center
craig
direction
encryption
gentry
github
gpl
halevi
helib
homomorphic
ibm
improvements
operations
optimization
security
shai
shoup
situation
version
victor
watson
Small Company Wants to Make Encryption Key Management Into a Commodity (Video)
StrongAuth helps protect data with strong encryption, so that even if a company's network infrastructure is breached, its critical data -- including customers' credit card numbers, for example -- is still safe. Their software is open source, and their objective is to "become like the Toyota Camry of encryption key management," says StrongAuth CTO Arshad Noor. "Everybody should be able to afford it." These are big words from a company that only has 12 employees, all in Silicon Valley, but it's a company that not only has a strong reputation among its small and medium-sized business clients, but is starting to get acceptance from Fortune 500 behemoths, too. In this video interview (and in the transcript), Arshad not only talks about data security, but about how his company makes money while developing and relying purely on open source software. And did somebody ask about Linux? Yes, their software is all based on Linux. CentOS, to be exact.
acceptance
arshad
business
camry
centos
commodity
cto
encryption
fortune
linux
management
noor
reputation
security
silicon valley
strongauth
toyota
yes
The War Z Taken Offline Following Hack
An anonymous reader writes with this tidbit from Net Security: "Players of The War Z, a first-person zombie survival game, have been notified of a breach of the developer's forum and game databases and the theft of user data contained in them. 'The data accessed included email addresses used to log-in to the forum, forum passwords which we encrypt, email addresses used to log-in to the game, encrypted game passwords as well as in-game character names and the IP addresses from which players log-in to the forum and to the game,' the developer explained ...There is no mention of what encryption algorithm they use to encrypt the passwords, nor whether they are 'salted,' so their advice to users about immediately changing the passwords they used for the forum and the account is more than fitting."
advice
encryption
mention
security
Does Apple Need To Get Serious About Security?
An anonymous reader writes "An article at The Verge makes the case that Apple's development of its cloud services hasn't been accompanied by the necessary effort to ramp up security to match users' increasing levels of risk. As evidence, they use a recent (and very simple) security hole that allowed anyone to reset an Apple ID password with just a user's email address and birth date. Apple's initial response failed to fully stop the exploit, and then it took several days for them to fix the issue. 'A server-side attack on Apple's cloud could get customers' credit card numbers and addresses, device backups with their encryption keys — as well as contacts and Apple IDs — anonymously and in bulk. Those systems may be defended like a castle, but bandits have plenty of places to chip away at private information at the periphery: intercepting wireless location data, cracking the still-private protocols for services like FaceTime or iMessage, or imitating iTunes updates to install to take over ...
apple
billion
business
ddos
development
devices
encryption
evidence
facetime
ids
imessage
information
itunes
location
policy
practice
privacy
secrecy
security
service