29 August 2017 at 10:52am
Encryption is a powerful security tool, but one that is very easy to misuse and implement poorly. The past years have seen several vulnerabilities and events that we have had to respond to HEARTBLEED, BEAST, POODLE, the retirement of SHA1 certificates, and PCI DSS mandating TLS 1.1.  We have spent a lot of time and effort ensuring that our own systems are well managed, and it is important that our suppliers are able to keep pace with changes in how we want to use encryption. This has led us to start including requirements for encryption within procurements.
27 July 2015 at 4:18pm
Recent news has nicely coincided with my drafting of an encryption policy as part of our Information Security Management System. “Logjam” joins a growing number of vulnerabilities in cryptosystems such as Heartbleed, BEAST and POODLE.
22 December 2014 at 12:07pm
The steady growth in the use of encrypted communications seems likely to increase next year given recent announcements on both web browsers and servers. That's good news for security people worried that their users may be sending sensitive information such as passwords and credit card numbers over the Internet.
Subscribe to TLS