Security

SECURITY AND END-TO-END ENCRYPTION

With growing concerns over data breaches, hacking and the devastating effects of data loss or privacy compromise, the need to do information sent over the internet more secure becomes more crucial than ever.

Users usually have no control over what happens to data they send from one end to another, when the data are enclosed in transit; especially when using free services. Information such as voice calls, email, chats or even credit card details is then privy to individuals and organizations with enough technical know-How because these data pass through many routers, devices and unknown servers which can be intercepted.

The solution to this loophole is in the use of high-end encryption for data sent over the internet, such as the encryption services provided by us.

Encryption
Encryption is the process whereby plaintext or any other type of data is converted from a readable form to an unreadable and encoded version that can be decoded by another entity only if they are given access to a decryption key. Encryption makes data that is forwarded over the internet impossible for any party to intercept or read it, except for the intended recipient.

When encrypted data reached its rightful recipient, the encoded data are transformed back to its original form, where it is readable and understandable again. This process of unscrambling encrypted data is called decryption.

Encryption is built on the science of cryptography which is used to keep the information secret. Modern form of cryptography relied on computers, using ciphers- better known as an algorithm.

Algorithm is the computer mechanism that runs on the data to encrypt it. Encryption key is used with this algorithm to scramble or encode the data in a way that the right key will be required, along with the algorithm to decrypt the data.  Therefore, only entities with this key can have access to this information.

Types of encryption
Encryption systems generally exist in two categories: symmetric-key and asymmetric-key encryption.

Symmetric-key encryption involves using one key to both encrypt and decrypt the data.  This means the sender and recipient have the same key. Such system is relatively easy to breach as possession of this singular key gives direct access to the information.

Asymmetric-key encryption involves utilizing two types of keys for each party, one public key and a private key.  The shared keys are available to the sender, recipient and everybody else. This shared key is necessary to share before communication is established. The public key of the recipient is utilized to encrypt the data whereas decryption the data involves both the public and private key of the recipient.

As the remote key is accessible only to the recipient, even the sender is denied access to the decryption information.  This makes the asymmetric encryption system a viable option for data security and it gets this principle that is adopted in building end-to-end encryption systems.

The standard encryption system used on the web is the Secured Socket Layer (SSL) which offers protection from hackers spying on confidential information such as passwords, personal details, credit card numbers, social security number etc.

Emails usually contain a lot of sensitive information and it is now required to secure emails using a standard level of encryption.

Transport encryption allows emails to be encrypted when they are sent and encrypted when they are delivered, using an encrypted tunnel.  Transport Layer Security (TLS) network protocol- which is the last version of SSL, is utilized with POP3S email transfer protocol to create the encryption tunnel or end-to-end encryption.  This security system is particularly employed to connect two servers directly.

Content encryption is used to encrypt the email itself, instead of the pathway or tunnel in which the data transmits via.  The standard for email content encryption is either the Secure/Multipurpose Internet Mail Extension (S/MIME) or the OpenPGP.

S/MIME is a content encryption service widely used by enterprises and organizations while open source OpenPGP such as GNUPG and other variants is exercised by people in data exchange.

FEATURES OF SECURE SERVER

  • Encrypts all information: encrypting only confidential information takes note of the fact that the encoded data contain valuable information, making you susceptible to launch an attack on from hackers.  However, when all information is encrypted, hackers have a more strenuous job of encrypting all information to get valuable information.
  • Network monitoring: internal network is monitored for intrusions and unusual activities. This halts the spread of server-to-server malware before it gets to the site host.
  • Hardware and uptime: system failure is put in check by maintaining a complete copy of a functional server operating system.  Network has robust hardware you guard against downtime caused by hardware failure. Presence of multiple servers also helps avoid overloading and assists load balancing.
  • Backups and restore points: backups are stored in a secure location, away from the main server and they provide a trusted repository for updated copies of the data.
  • Access to server: physical access is limited to certified security technicians and Secure Socket Shell (SSH) is used to log into the server. RSA keys are included with another layer of security.  Files are controlled by file permissions and permissions are not granted in full to all files. Access to server is inaccessible and uses FTP and SFTP.