Setting Up Your Own Secure File Server

Businesses everywhere get hacked or have some sort of outside user trying to get access to their information. With the interconnected world the way it is, it’s nearly impossible not to come across this situation at least once. Because of this, having a secure file server can do wonders for making sure your data is accessible by the people you want to access it. So, how do you set up a secure file server? Well, companies like Fognigma are here to help. We can walk you through what happens when sensitive documents or files end up in the wrong hands and what to do about it. Read on to explore your secure file server options and how to implement them within your organization.

The Risks of Relying on Thumb Drives

Thumb drives used to be great. They’re portable and hold a ton of data, but they’re no longer as sufficient as they used to be. Thumb drives can get easily lost or even stolen, and you don’t want outside users to have this kind of confidential information. Also, using thumb drives across multiple devices can create confusion and multiple versions of the same file, which just makes the entire situation more disorganized. So, read below for some solutions Fognigma suggests instead of using the traditional thumb drive for information.

The Cloud Storage Dilemma: Convenience vs. Security

The newest and most efficient way companies are storing their information is through cloud storage. This is an invisible yet protected area where information like presentations, call logs, and more is stored so that only the authorized users assigned to this cloud have access. If you work in a remote setting, cloud storage is also extremely beneficial to everyone on your team since they can access the information from anywhere in the world. However, there are always risks with putting confidential data in any type of online storage. Here are some of the top ones we’ve seen working with our clients:

Lack of Control Over Encryption Keys

Making sure your cloud storage has encryption keys in place is crucial. It only takes a little bit of time for hackers to get into a cloud storage provider when there aren’t any sort of encryption keys implemented. We like to say that encryption is the backbone of file security, and encryption keys are what lock and unlock your files. Many cloud storage providers retain ownership of these keys, meaning that if their systems are hacked, your files could be exposed. Without control over your encryption keys, you’re essentially letting anyone in the world have access to your network at any given time. 

Limited Security Customization

Cloud storage can be a little bit tight on customization. To be able to have your data protected in the way you want, you’ll have to go further than just the standard cloud storage provider. In doing this, it may be beneficial to team up with Fognigma and use Erebus, our file sharing solution, so you’re not at the mercy of a provider’s encryption standards, update schedules, and security protocols.

Data Sharing Practices

If you have a lot of people who share data under your organization, you may want to go the cloud provider route. You can collaborate or share with multiple people, including third parties, without posing a significant security risk. 

Shared Server Vulnerabilities

Cloud storage can offer shared servers, but this feature can often bring vulnerabilities you may not be aware of. For instance, if a certain employee or even customer account is hacked, attackers may be able to leverage this specific hack to gain more access paths, like seeing files and other confidential content. It’s important to know all the risks and potential vulnerabilities that cloud storage can pose before making the decision to incorporate it within your organization’s network. 

Why Host Your Own Secure File Server?

Have you ever thought about hosting your own secure file server? This may seem scary, but it’s actually the best way to have complete control over your organization’s data. If you’re interested, teaming up with Fognigma is one of the first steps in taking your server private. Also, it can give you the ability to customize your security while making sure your files are consistently protected. Read more on some simple methods of setting this up. 

Best Methods for Setting Up Your Own Secure File Server

The good news is that there are multiple ways to set up your own secure file server. If one method doesn’t suit you in setting up the server, you can always try another. Here are three we think are most popular:

NAS (Network Attached Storage)

NAS is simple and a great way to keep your things private. NAS stands for Network Attached Storage, and it is mainly a device that you can configure on your own and create an external hard drive of sorts. Many of these are equipped with USB ports or adapters, so you’re able to plug them right into a router. NAS devices are great for small businesses or companies that don’t do a lot of file sharing but still want to be protected from unauthorized users. 

FTP (File Transfer Protocol)

FTP, or File Transfer Protocol, has been around for a while. We’re talking as early as the first days of the internet. It’s a great way to act as a protected server when you want to transfer large files. If you consider going this route, don’t forget about SFTP (Secure File Transfer Protocol), which is where you can add SSH encryption, and FTPS (File Transfer Protocol Secure), which adds TLS encryption. All of these kinds of FTP services are easily customizable, so they’re tailored to your company or organization’s specific needs.  

HFS (HTTP File Server)

HFS, otherwise known as an HTTP File Server, is another method you can consider in setting up your own file server. It’s long-lasting and great for beginners who need a quick solution. If you’re mainly looking for more control over a server’s functionality, this may be the best option.

What to Consider for Hosting Your Own File Server

When thinking about how to host a secure file-sharing web server, you’ll need to consider a few things before deciding what method you’ll ultimately go with. Hosting your own server can make you or your IT team more responsible for safeguarding your data. If you’re comfortable with this, then go for it! If you’re unsure, it may be beneficial to talk to a company like Fognigma that can help figure out what works for your organization. Read below on other security practices you may want to think about before pulling the trigger on running your own file server security.

Keep Software Updated

Once you’ve got the secure file server installed or implemented, it’s super important to update it regularly, no matter the server software. Regular updates patch vulnerabilities and help you stay ahead of potential threats. Outdated software is one of the most common entry points for cyberattacks.

Use Strong Encryption

Don’t forget to include encryption! Some may think encryption isn’t always needed, but it’s the best extra layer of protection you may need in a cyber attack situation. If you team up with Fognigma, we have our own encryption solution called Conclave. This kind of encryption method makes it significantly harder for unauthorized users to access your data.

Control Access

It’s also very important to only give access to people who are in your organization. Setting up user authentication can help make sure people outside of your org aren’t getting access to your files. Only authorized users should be able to view or modify your data.

Monitor Activity

Once the internet file server is in place, make sure to continuously track user activity, like logins and more. This can make it easier to find suspicious behavior quickly, so you’re able to respond in real time if there are threats happening. 

Backup Your Data

Backing up your data is also a crucial component of having secure data and protection in place. The worst thing that can happen is that you do get hacked, and all that data is erased or in the wrong hands. If this isn’t backed up somewhere in a secure location, you’re unable to get that back. Just make sure you store backups in a secure location, separate from your primary server.

Benefits of Hosting Your Own Secure File Server

There are so many benefits to hosting your own secure file server, no matter how big or small your organization is. The biggest reason a lot of people decide to go this route is having full control. You’re able to see all your data with the specific security measures in place, all while things are protected and secure. Also, this gives your files an enhanced level of privacy. You don’t have to worry about third-party access or data sharing because you’ll have your tailored encryption and security protocols in place. Then, finally, another benefit of hosting your own file server or secure file host is being able to save money because it’s way more affordable than going with an expensive subscription fee. 

Where Does Fognigma Come In?

Suppose you’ve decided to go the route of hosting your own file server. Great! Now, where do you begin? There can be a lot of initial questions and concerns before you actually install and set up file server security. This is where Fognigma can help answer some of those questions and even help walk you through the configuration if needed. Team up with our company today if you’d like to set up a secure file server correctly. We’re happy to help any way we can.

What is the difference between NAS and file sharing?

As mentioned before, NAS is a network-attached storage feature that can allow administrators to control who has access to what. This is similar to traditional file sharing to an extent, but the biggest difference is the overall design and focus. For instance, a file server usually offers more customization, while NAS is already set up in a stricter, more specific way, like access controls or security configuration options. Overall, it’s primarily up to you and your organization on which secure file host you decide on, so consider all the options before making the decision. 

Summary on How to Take Control of Your Data

It may seem daunting to set up your own secure file server, but it’s way easier than it looks. Having a cloud storage service is old news. Most companies and organizations want total control when it comes to network security, and having your own secure file storage server is the first step in doing that. Whether you’re a small business owner, a remote worker, or simply someone who values privacy, a secure file server can provide the peace of mind you need to work confidently from anywhere. So, take the leap and set up your own file server. If you have any questions on how to get started, reach out to our team at Fognigma today!

The Problem with Old Encryption Methods

Encryption is Vital

Mission success depends on organizational data and communications staying protected. It behooves organizations, therefore, to shroud their comms and data with encryption. So why don’t they? Why don’t organizations and agencies rush out and implement at least some form of encryption? Why don’t they make encryption a top priority? Well, it’s not as easy as just pressing a button, but perhaps not for the reasons you think. Let’s examine encryption, some of the things that prevent organizations from adopting it, and some of the disasters that can occur without it.

Encryption is Nothing New

As soon as the first person had a secret they wanted to tell another, without the whole world knowing, encryption was born. (We’ve covered some of this before in our blog about Dual Encryption. Take a read for some extra background into the history of encryption.) Encryption of one form or another has been used to protect trade secrets, important communications, and military intelligence.

All encryption is based on ciphers — rules of reorganizing the information so its actual meaning is hidden from anyone who doesn’t know the rules. In a simplistic model, the ciphers work with special keys to lock up the data, and the same key (symmetric encryption) or a different key (asymmetric encryption) unlocks the data and allows it to be deciphered.

Since encryption was first born, however, others have been working hard at breaking encryption. And so, encryption methods have grown more and more complex. The current accepted standard of encryption is AES-256 encryption, which creates digital keys 256 characters long. Brute-forcing (i.e., guessing all random combinations of) a number that size would take a billion times longer than the age of the universe.

So, encryption has been around a long time, which brings the question again: Why aren’t organizations adopting encryption for all their data and communications?

Encryption Costs Time

Encryption doesn’t just happen. A method must be chosen, procedures must be implemented, users must be trained, and then everyone actually needs to use the encryption. All this disruption to the current way of doing things takes time. Lots and lots of time, especially the “everyone actually using it” part.

Encryption adds extra steps to workflow and users are notorious for going around company policy if it slows down their work. A new report from Symphony Communication Services shows 24% report they are “aware of IT security guidelines yet are not following them;” “27% knowingly connect to an unsecure network;” and “25% share confidential information through [unsecure] collaboration platforms.”

This is very troublesome when incorporating encryption into your organization. For encryption to protect properly, everyone needs to be using it instead of finding ways around it. A report by the Government Business Council showed that of those Defense employees who admit to using their personal devices to conduct agency work, 94% say their devices have not been approved by the agency. Once again, more evidence that users are choosing convenience over security—choosing to save time over protecting the organization. Time, then, is the true cost (and problem) with old encryption methods.

Automated Encryption is the Future

In the future, encryption will be easier for organizations to adopt because it will all be handled behind the scenes. You’ll simply log in to a program (which will handle all the key exchanges and encryption/decryption) and let it run in the background. You will then be able to send encrypted messages as easily as sending a regular chat message—no extra steps needed. You’ll be able to encrypt files that only the specific users you selected will be able to open (even if the user is just yourself). And this encryption will be available on desktop and mobile devices, all working together to ensure your organization’s encryption.

Think that sounds like a pipe dream? Too good to be true? Too far out in the future? What if we told you the future was in the final stage of development and testing, and will be ready for release very soon? It has a name: Conclave. It has a purpose: to make sure you use encryption and protect your organization without all the extra steps. To learn how our automated encryption solutions can help secure your data, users, and organization, please contact us today!

Dual Encryption Matters

Why Encryption?

Encryption is, quite simply, a means of ensuring your information remains your (and only your) information. It disrupts the “mind your own business” adage by attempting to make it impossible for others to mind your business. Tracing the trail of encryption (or cryptography, as the two were almost synonyms until recently, when encryption became digital) back through time, some of the very earliest encryption was used to protect military orders. This isn’t surprising, as an effective military must keep its movements secret from the enemy. The Arabs, Greeks, Romans—almost all the cultures of the ancient world, in fact—used encryption in some form, though the Arabs are thought to be the first to document the subject. Military secrets needed to remain secret.

In his history of cryptography and encryption, The Codebreakers, David Kahn describes a 3″ x 2″ tablet from around 1500 B.C. This Mesopotamian tablet described the earliest known formula for making pottery glazes, protected with a cipher to safeguard trade secrets. Information was protected with encryption.

Fast-forward through time. More people in the world meant more secrets. Religions split and collided. Sciences grew, hid, grew more, and blossomed. And during all these changes and growth spurts, information about many topics had to be kept hidden from some group or another.

Today, information is just as valuable as ever and, since there is more of it and it is more accessible, protecting information has become a job in itself. Therefore, we encrypt to protect our organizations, our intellectual property, our families, our country, and, most importantly, our security.

But Really, Why Encryption?

We know there is information we need to protect, but is that the only reason we encrypt things? Nope! The tree of encryption bears three other fruits: authentication, integrity, and nonrepudiation.

Authentication refers to proving the sender is who they say they are. This is simple to picture. If you receive an encrypted message from someone and it’s using the encryption you both previously decided on, then you know the person sending you the message is the person you think it is. By using encryption, the sender has provided some proof of their identity or, at least, their authority to send an encrypted message.

Integrity provides assurance that the information hasn’t been altered. Again, this is simple to picture: if you take a piece of data, encrypt it, and then decrypt it, you will have the same piece of data. If anything happens to that data, it won’t decrypt properly, and you’ll have a mess of random characters. If you have a mess, you know the integrity of the information has been compromised.

Nonrepudiation is a fun word that means the sender can’t say they didn’t send the information. If only two people have the encryption keys and information is encrypted using those keys (and assuming the receiver didn’t send it to themselves), then the sender is the sender. If the sender says they didn’t send it, the fact that the encryption was used proves they did. That is, the sender is unable to repudiate (or disavow) they sent the information.

Dual Encryption Matters

So, your information is protected with encryption, which is great. But what if someone breaks that encryption? One virtual lock picked, and your information is now in peril. Perhaps the easiest way to visualize this is a door with both a door lock and deadbolt. Any attempted intrusion has to bypass both locks before the door can be opened. By using two levels of encryption, information is safeguarded against a single point of failure.

Encryption should ensure the amount of time required to defeat the encryption is longer than the amount of time the data is of value and required to be secure. With AES-256 encryption, the current accepted standard, block lengths support 256 bits from which to create a key. Imagine guessing an ATM pin that was 256 characters long and the variations that it could contain. That’s a lot of really long numbers.

To put this in another context, breaking a symmetric 256-bit key by brute force would theoretically take longer than our universe has existed—multiplied by a billion. Now imagine two layers of AES-256 encryption and you can see why dual encryption matters: having to brute force through two layers of such a tough encryption standard borders on statistically impossible.
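The two-layer idea above, as an added example (not Fognigma's code): a message is sealed with AES-256-GCM under one key and the result is sealed again under a second, independent key, so opening it needs both keys and an altered byte is rejected by the authentication tag rather than silently decrypted. Assumptions: both layers use Go's standard library, so this shows independent keys rather than independent libraries, and `Key`, `layer`, `DualSeal` and `DualOpen` are names chosen for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type Key [32]byte // AES-256 key: exactly 32 bytes (256 bits)

// layer builds the AES-256-GCM cipher for one encryption layer.
func layer(k Key) (cipher.AEAD, error) {
	block, err := aes.NewCipher(k[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// DualSeal encrypts msg under inner, then wraps that ciphertext under outer.
func DualSeal(inner, outer Key, msg []byte) ([]byte, error) {
	for _, k := range []Key{inner, outer} {
		gcm, err := layer(k)
		if err != nil {
			return nil, err
		}
		nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per layer
		if _, err := rand.Read(nonce); err != nil {
			return nil, err
		}
		msg = gcm.Seal(nonce, nonce, msg, nil) // nonce || ciphertext || tag
	}
	return msg, nil
}

// DualOpen peels the outer layer, then the inner one. Both keys are needed,
// and a modified byte in either layer fails that layer's tag check.
func DualOpen(inner, outer Key, box []byte) ([]byte, error) {
	for i, k := range []Key{outer, inner} {
		gcm, err := layer(k)
		if err != nil {
			return nil, err
		}
		n := gcm.NonceSize()
		if len(box) < n {
			return nil, fmt.Errorf("layer %d (outermost is 1): too short", i+1)
		}
		if box, err = gcm.Open(nil, box[:n], box[n:], nil); err != nil {
			return nil, fmt.Errorf("layer %d (outermost is 1): %w", i+1, err)
		}
	}
	return box, nil
}

func main() {
	var k1, k2 Key // two independent random keys
	rand.Read(k1[:])
	rand.Read(k2[:])
	box, _ := DualSeal(k1, k2, []byte("constructed sample document"))
	box[len(box)-1] ^= 1 // flip one bit, as corruption or tampering would
	_, err := DualOpen(k1, k2, box)
	fmt.Println("tampered ciphertext rejected:", err != nil)
}
```

Each layer adds a 12-byte nonce and a 16-byte tag, so the dual-sealed output is 56 bytes longer than the plaintext.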

Two Heads are Better than One

Most cryptographic solutions make use of a single software library to provide encryption and decryption of data. A single software library does give you encryption, true, but also comes with the risk that in the event of a zero-day compromise of the library, the entire encryption fails.

To combat this single point of compromise, Fognigma (our enterprise software solution which gives organizations the power to build encrypted, invisible, and anonymized cloud-based networks, thus securing your communications and online activities) offers the ability to add in a completely separate secondary software library to provide dual layers of encryption. In the event of a zero-day exploit or other compromise of one library, the second library remains uncompromised and your data remains safe.

In addition to the standard versions of these libraries (OpenSSL and wolfSSL), Fognigma also offers a FIPS 140-2 validated version of each library (OpenSSL – Certificate #3284; wolfSSL’s wolfCrypt – Certificate #2425). By using one or both of these FIPS-certified cryptographic libraries, Fognigma can comply with the most rigorous regulatory requirements.

Dual layers of encryption. Dual software libraries. Fognigma is ready to give you the power to protect everything your organization holds dear. Contact us today to learn more or to schedule a demo.