Archive for January, 2010

PGP Encryption Smackdown – Supports Mac Snow Leopard, Linux, Boot Camp, SSD drive support

Friday, January 22nd, 2010

PGP Corporation announced an update to its products line. PGP now supports Red Hat & Ubuntu Linux, Mac OSX Snow Leopard, and Boot Camp on Mac OSX computers. In addition, PGP has updated its whole disk encryption technology to include a Hybrid Cryptographic Optimizer (HCO) technology to deliver faster run times for PGP Whole Disk Encryption.


Customers can now use PGP Universal Server to centrally manage encryption for their multi-platform environment. A single web-based user interface can be used to manage encryption end points using Microsoft Windows, Apple Mac, Red Hat Linux, and Ubuntu Linux. PGP is the only encryption vendor that delivers encryption solutions across multiple platforms. Multi-platform support is especially important with the popularity of netbooks, and the forthcoming Apple tablet device, which is reported to be using the Mac OSX operating system.


PGP also added functionality for e-mail encryption in Microsoft Outlook. Using Microsoft Outlook users can now click “sign and encrypt” buttons to automatically encrypt emails.


Experior Data is a PGP SILVER Partner and helps organizations implement data encryption solutions.


More information about these new releases is available on theĀ PGP web site.

Tags: ,
Posted in Encyption, PGP | No Comments »

Disk encryption is not enough for HIPAA HITECH Act Compliance

Tuesday, January 19th, 2010

In the coming months healthcare IT administrators will see many products come to market that claim to solve the compliance issues of safeguarding unsecured protected health information (PHI). A bit of caution and understanding of the issues is required here:


- Whole disk encryption is clearly needed for mobile devices


- Whole disk encryption protects data when computers are TURNED OFF. This means that while you’re using the laptop the data is in use, and is not encrypted.


- Additional levels of data protection is needed to protected the data while computers are in use. For example, critical data files should be encrypted automatically regardless of whether the computer is turned on or off. Whole disk encryption does not do this.


- Files containing PHI that are transferred on a network need to be encrypted. Whole disk encryption does not do this.


- What about e-mails containing PHI? More importantly, what about those that use Microsoft Outlook and store data in archive (.pst) files?


So why is whole disk encryption not enough? What happens if a worm invades your computer and transfers documents of a certain file type to a remote location. Whole disk encryption will not help you in this situation.


It’s important for any encryption solution to not only encrypt the hard drive but also to encrypted files on the hard drive so that they remain encrypted while the computer is on.



Tags: , ,
Posted in HIPAA, PGP | 1 Comment »

Blue Cross Blue Shield of Tennessee to explain data breach

Monday, January 11th, 2010

Blue Cross Blue Shield of Tennessee customers will be receiving an explanation of the data breach incident, according to the Chattanooga Times Free Press.


This week, BCBS will provide updated data to the public on exactly how many customers were exposed when 57 hard drives were pilfered in October from a storage closet at the insurer’s Eastgate Town Center branch, said company spokeswoman Mary Thompson.

‘We’ve reach a critical mass with our analysis of the information, and this week we think we can update the public,” Ms. Thompson said. “We’re going to be doing a really full breakdown of how many were potentially exposed.’”

BCBS goes on further to say that the data on the hard drives was “scrambled” in way that would make it difficult for others to access it. It remains to be see what “scrambled” really means.

Tags:
Posted in breach notification | No Comments »