CipherTrust Cloud Key Manager Many infrastructure-, platform-, and software-as-a-service providers offer data-at-rest encryption capabilities with encryption keys managed by the service provider. Meanwhile, many industry or internal data protection mandates, as well as industry best practices as defined by the Cloud Security Alliance, require that keys be stored and managed remote from the cloud service provider and the associated...

Whether you are a Kyos customer or not, considering the criticality of this flaw, we offer you a free primary investigation of your Exchange server, to determine if it is still vulnerable, as well as to identify if any potential attacks have taken place, which we know is very likely. Even though Kyos Exchange Servers have not been affected, 50% of our customers with on-premise Exchange Servers have been impacted, despite the application of the...

    In collaboration with our partner CoreView we are organising a webinar. Simplifying the Microsoft 365 administration, while adding boundless power and masterful automation is a game changer – shortening tasks to seconds, offering the satisfaction of steady accomplishment, and reducing errors to near zero.   Join our SaaS experts for a 45-minute session, on 25th March. You will learn how: Radically Simply Administration,...

  On March 2, Microsoft has released an emergency security update for Microsoft Exchange to remediate six vulnerabilities allowing remote code execution, of which 4 can bypass any authentication control. The discovery of the vulnerabilities was made by a cybersecurity company that was investigating atypical volume of traffic on a customer’s Exchange server. According to Microsoft, the vulnerabilities have been exploited in 2021 by a single...

  DKE – or Double Key Encryption – is a new option offered by Microsoft Information Protection (MIP) a cloud-based data classification and protection software. Given that many customers are worried to start their journey to the cloud because of data protection concerns, Microsoft implemented a new option to protect unstructured data (documents, files) against unauthorized access, wherever the document or file is stored AND against the...

The concept of Cloud has evolved in the last 20 years, and security concerns have grown with it. The first serious effort to provide data hosting in the Cloud comes with Amazon Simple Storage Service (S3), and with it the security burden to make sure that correct permissions were configured to avoid private data to become public. Next came Cloud regions, that not only provided faster and better experience to non-US customers but also addressed...

  When it comes to encryption keys, security best practice is all about control and separation between encrypted data-at-rest and the keys. Google Cloud encrypts customer data-at-rest by default and offers organizations multiple options to control and manage their encryption keys. For many organizations hosting sensitive data or looking to migrate workloads to the cloud, they require enhanced control and ownership over their encryption...

In October of 2020, the Center for Internet Security (CIS) has released a Videoconferencing Security Guide. It’s goal is to provide overall security guidance to mitigate attacks and be applicable to a wide variety of videoconferencing systems and their users. With the Covid-19 pandemic, videoconferencing has become a critical business tool since in-person meetings have been discouraged or simply impossible. Unfortunately, this growth has also...

  There are plenty of good reasons to move data, applications and infrastructure to the cloud. But what about security? Doesn’t cloud add new risks? How can you capitalize on the advantages of the cloud without compromising your organization’s security? You can combine the best of the cloud with trusted, proven security solutions from nCipher Security. On 3rd December 2020 at 10:00 CET you are able to learn more about being in...

Kyos team is proud to announce that we have successfully passed the CREST Accreditation for Penetration Testing. This accreditation allows our clients to get CREST Certified penetration testings directly from Kyos. This standard ensures clients that they can get high-quality services from Kyos and entrusted professional ethical hackers. ‘CREST is pleased to welcome Kyos SA. as an accredited member company’, said Ian Glover, president of CREST,...