Forged emails are extremely common. Most of the time forged emails are merely a nuisance.However, if you accidentally share information with or click on a link from someone who sent a forged email, the results can devastate your goal or even your site, or if it’s really evil, an entire computer. Here’s some information about how to […]
SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are foundations of security on the Internet. However, between colloquial usage and the relationship between these security protocols, there is a lot of confusion regarding how they are related, how they are different, and what to use in what situation. For a detailed analysis of these […]
Data Loss Prevention (DLP) describes a plan for companies to control the sending of sensitive data. E.g. this can include controls to stop the flow of sensitive data or to ensure that sensitive data is always well-encrypted (for compliance) when sent. In the context of email, DLP is usually achieved through the following formula: Construct a […]
We have long held that leaving it to each sender/employee to properly enable encryption for each sensitive message (a.k.a “Opt In Encryption”) is too risky. Why? Any mistake or oversight immediately equals a breach and liability. Instead, LuxSci has always promoted use of “Opt Out Encryption,” in which the account default is to encrypt everything unless […]
HSTS (HTTP Strict Transport Security) protects your secure web site against “security downgrade attacks”. E.g. it stops people from accessing insecure versions of your site or pages when secure versions are available. This, in turn, helps prevent man-in-the-middle and other types of attacks on people using your web site. HSTS is a very simple and […]
