Additive Process for Assuring the Identity of Sending & Receiving Parties During Key Exchange

In The News

Google Cloud Platform
Offering Google’s New User Encryption
By Richard Blech Google announced a new beta capability on its Cloud Platform Blog: support...
7 Key Elements of a Successful Encryption Strategy
The most common method of protecting data in motion is the use of a secure sockets layer...
Quest Diagnostics Says Up to 12 Million Patients May Have Had Financial, Medical, Personal Information Breached
Quest Diagnostics, one of the biggest blood testing providers in the country, on Monday warned...

HTTPS Isn’t Always as Secure as It Seems

Widespread adoption of the web encryption scheme HTTPS has added a lot of green padlocks—and...

Secure Channels PKMS2® Wins MVP Award From CTR

Secure Channels’ robust, state-of-the-art PKMS2® encryption renders all types of data fully...
cell phone

Discovered Flaw leaves Back Door with Cell Phone Calls

Recently The Washington Post printed an article written By Craig Timberg “German researchers...

SAIL and Your Business

  • Process that CONFIRMS the identity of both the SENDER and RECIPIENT when exchanging encrypted data
  • Eliminates man-in-the-middle and spoofing attacks
  • Facilitates incorporation of biometric data into the symmetric encryption process
  • Can be adapted to work within existing TLS process or other processes that require additional security assurances

Technology in the News

ZIPcrypt Review: A Revolutionary Encryption Tool

By SoftwareSugges We’re living in a hyper-digital era and never before has cryptography attained such massive importance in our lives. Organizations all over the globe have realized the value of encryption tools to ensure that their data is protected in transit and...

How to Avoid the Top Three Causes of Data Breaches in 2019

What's the price of unprotected IT infrastructure? Cybercrime Magazine says that global damages will surpass $6 billion as soon as 2021. Here we'll go through some of the most frequent and emerging causes of data breaches in 2019 and see how to address them in a...

Google confirms ‘quantum supremacy’ breakthrough

Google has officially announced that it’s achieved quantum supremacy in a new article published in the scientific journal Nature. The announcement comes exactly one month after it initially leaked, when Google’s paper was accidentally published early.Did you enjoy...

NordVPN confirms it was hacked

NordVPN, a virtual private network provider that promises to “protect your privacy online,” has confirmed it was hacked. The admission comes following rumors that the company had been breached.Did you enjoy this article? Then read the full version from the author's...

We asked a hacker to try and steal a CNN tech reporter’s data. Here’s what happened

I share, therefore I am. I am the kind of person who posts Instagram photos (filtered, of course) from my vacation. I am also the kind of person who tweets about buying an overly-expensive piece of furniture because I fell for a sleek online ad about how it would...

Newsrooms, let’s talk about G Suite

There are many legitimate reasons to give administrators this far-reaching ability to organize and retain user data, such as compliance with legal requests. All of this logging and retention functionality may also help your organization’s administrators monitor for...

In the last 10 months, 140 local governments, police stations and hospitals have been held hostage by ransomware attacks

The attack starts, innocently enough, with an email. But when someone clicks the link inside, hackers quickly take over. CNN's Tina Burnside, Kevin Collier, Pierre Meihan, Faith Karimi, Eli Watkins and Zachary Cohen contributed to this story. Did you enjoy this...

Cloud Breaches Like Capital One Will Strike At Self-Driving Cars

The news has covered yet another breach of systems security that involves the theft of massive amounts of data, in this case impacting an estimated 100 million customers of Capital One Financial Corp. In the past, the public might have reacted vociferously in outright...

Siemens-Poneman Study: Cyber attacks on power utilities are growing in numbers, complexity

The cybersecurity risks against critical power infrastructure seems to be worsening, as a new study indicates that 56 percent of respondents reported their companies suffered one or more shutdowns or loss of operational data per year. Did you enjoy this article? Then...

Hack Breaks PDF Encryption, Opens Content to Attackers

Researchers in Germany have invented a new hack that can allow someone to break the encryption of PDF files and access their content  — or even forge signed PDF files under certain circumstances. Did you enjoy this article? Then read the full version from the author's...

What is SAIL?

  • Better secures email & ecommerce transactions
  • Better protects against “man-in-the-middle” attacks
  • Eliminates “Phishing”
  • Uses standardized (RSA) encryption
  • Provides notable benefits vs. (TLS) process:
    • SAIL significantly improves on the simplistic (TLS) process by including steps that securely authenticate & identify both parties.
    • SAIL combined with a key exchange (such as Secure Channel’s Secure Key Infrastructure) would provide additional security benefits over the existing (TLS + OAuth 2.0) process in-use today.

Addressing the Gaps in Healthcare Security

Secure Authentication and Identity Loop (SAIL).

Healthcare organizations are increasingly targeted by hackers over the value of the data they depend on to operate.  The data transmitted among staff, branches, insurance companies, devices, apps and patients is rich with protected health information (PHI) and fetches a greater price than credit card or financial information on the dark web.  The healthcare sector suffers more ransomware attacks than any other industry due to the mission-critical need for providers to access PHI to operate facilities and administer treatment.    Ransomware can be introduced into healthcare systems through a man in the middle transmission injection or via malicious code attached to an email from an unauthenticated party.

The highly sensitive nature of PHI and the effects that its unauthorized disclosure can have on patients are at the heart of the heavily-regulated sector’s data privacy controls.  The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act impose stiff penalties on health organizations following data breaches resulting from improper PHI handling.  The fallout from unauthorized PHI disclosure can include impacted patient privacy and livelihood, damaged confidence in the healthcare institution and severe financial toll.

As of 2019, the average healthcare cyberattack recovery cost is $1.4 million.  To combat the rising costs, healthcare organizations have implemented technologies meant to transmit PHI securely through digital communication channels.  Organizations have deployed HTTPS inspection tools designed to terminate malicious code before it reaches its intended destination, and prevent unauthorizing parties from intercepting communications.  Many HTTPS inspection tools, however, were found to actually reduce the security of network traffic, leaving healthcare organizations more susceptible to the threats they sought to abate.

Healthcare organizations need a cybersecurity solution that provides end-to-end protection for its sensitive network connections.  The solution must authenticate parties to ensure PHI is sent to and received by the intended recipients.  It has to shore up communication channels and eliminate weaknesses man-in-the-middle attackers can exploit to exfiltrate or manipulate data, or introduce malicious code.  It also needs to be limber to safeguard communications among medical devices, patient mobile apps, email clients and myriad other deployments.

SAIL solves with:

Authentication: Persons, devices and apps register with Secure Channels’ SCIFCOM token authority.  The SAIL process initiates a two-way authentication between all parties seeking to establish secure connections.

Integrity: SAIL’s two-way authentication for key exchange creates an impenetrable communication tunnel that resists manipulation of protected data in transit.

Confidentiality: SAIL’s secure communication tunnel prevents unauthorized parties from intercepting PHI in transit.

Adaptability: SAIL works with existing TLS and other processes requiring additional security assurances.

Reliability: SAIL’s secure communication process ensures data and signals transmitted among apps and devices are free from interruption or manipulation that can affect their performance.  It also eliminates channel weaknesses that can be used to inject systems with ransomware prompting significant business downtime.

Compliance: SAIL uses FIPS-compliant RSA to exchange keys for an extremely secure connection.  SAIL provides the strong communication tunnel component for cybersecurity solutions transmitting PHI covered under HIPAA, HITECH, Payment Card Industry Data Security Standard (PCI DSS) and other data privacy controls.