flash_area

Have any questions?

contactUs


The Futurex Blog. News, Announcements and Much More.


Securing the Internet of Things

by Rachel Barnett on May 27th, 2015

You may be familiar with the Internet of Things, AKA the rapidly growing network of smart devices that are capable of connecting to the internet. From watches to refrigerators to vehicles, virtually any machine can now be made with integrated internet capabilities. Network connections significantly increase the ease with which your devices are managed, monitored, and used on a daily basis. But with the convenience of using your device to access the internet comes to the risk that someone else will use the internet to access your device.

To mitigate this risk, device manufacturers put extra security measures in place before the product even hits the store shelves. Using a technology called PKI (Public Key Infrastructure), device manufacturers set up a framework for encryption and authentication that restricts access only to authorized individuals.

Take a smart appliance as an example. Before the appliance is deployed in the field, the manufacturer will inject encryption keys using a compliant and secure hardware security module (HSM). The HSM keeps the encryption keys secret within reinforced hardware, keeping unauthorized individuals from viewing the keys and compromising the appliance’s security.

The keys inserted into the appliance are used to set up a mutually authenticated connection in which two endpoints of communication are established as trusted. By exchanging public keys, each endpoint can verify that the other connection is from a trusted source. If an unauthorized connection is attempted, that connection will be rejected because it does not have the appropriate encryption keys to establish trust.

If the business that issued the appliance needs to make updates, such as a firmware upgrade, they can connect to the appliance securely without having to worry about end user involvement because they are part of the circle of trust.

This same process of public key infrastructure and mutual authentication applies to all Internet of Things devices. To learn more about PKI, download our whitepaper. To learn about how Futurex HSMs can secure IoT devices during manufacture, visit our Manufacturing Solutions page.


Bookmark and Share

Data Security & Fraud Prevention Roundup – May 15th, 2015

by Futurex on May 15th, 2015

Our Data Security & Fraud Prevention Roundup contain links to the best data security and fraud prevention-related articles, blog posts, news releases, interviews, and anything else that we found interesting from around the web over the course of the last few weeks and our thoughts on them.

#1: Building a Stronger Security Strategy: 6 Tips by Harry Folloder, InformationWeek (May 4, 2015)

Every company needs to have a strategy in place for protection of data – whether that is healthcare information, payment data, personally identifiable information, or any other material that is entrusted to the company. Harry Folloder lays out six starting points and tips to creating and maintaining a strategy for building your data security infrastructure.

#2: Infonetics: Cloud Security Services Market on the Rise by Elizabeth Montalbano, The VAR Guy (May 7, 2015)

Good news for businesses seeking to take their data to the cloud: it’s only getting easier. As more cloud security companies grow and enhance their service offerings, businesses of all industries can more easily leverage the cloud for a secure and convenient way to process, manage, and store data. This article discusses a recent report on cloud growth and what it means for the market.

#3: 6 Ways to Combat Internal Threats to Data Security by Mary A. Chaput, CFO (May 7, 2015)

Healthcare CFOs are faced with a continuous challenge of keeping the Personally Identifiable Information of patients and healthcare workers secure. With the increasing interconnectedness of data sharing across healthcare networks, how do CFOs protect this information? Author Mary A. Chaput outlines the tools in CFOs’ arsenals that will help avoid data breaches from every angle.

#4: Your Guide to Compliance in the Cloud, Ed Tittel and Kim Lindros, CSO Australia (May 11, 2015)

Even though cloud data security is new, it is still subject to all the regulations and standards that physical security infrastructures are built around. Making sure that your cloud provider holds itself to the high standards of data security regulatory agencies is an important step of migrating your security structure to the cloud. Looking for a fully compliant cloud solution? VirtuCrypt offers the highest level of security for protecting your cryptographic needs in the cloud.

#5: 3 security questions to ask when vetting a vendor that needs company data by Beth Weeks, The Enterprisers Project (May 11, 2015)

Studies show that a consistent number of data breaches every year are caused by third party vendors. When working with vendors outside of your company, it’s not easy to control the path that sensitive data takes, so organizations need to think carefully about who they do business with. Beth Weeks offers some helpful questions for CIOs considering doing business with an outside vendor.

If you find something interesting that you’d like to see considered for our next Data Security & Fraud Prevention Roundup, don’t hesitate to let us know. We’re always on the lookout for new and interesting perspectives on data security news, issues, thoughts, and best practices. Send your best links to [email protected], or share them with us on Twitter (@Futurex).


Bookmark and Share

Securing the Electronic Invoicing Process

by Futurex on March 24th, 2015

Electronic invoicing is a digitized format that has become the most used and practical method of delivering a summary of goods or services issued to a customer. This electronic document is the direct replacement of a hand written or printed invoice.

There are many advantages to a digital invoice over a paper copy. Some of these benefits include improved data tracking, better client accountability, prompt delivery, and overall cost reduction. Electronic invoices are utilized all over the world by various types of business markets ranging from freelancers, various private sector businesses, and government offices.

Electronic invoices, while faster and inherently more secure than a piece of paper, still need to be processed securely to ensure fraud protection, particularly in the case of sensitive and personal information that will travel through government channels. Some countries have begun using invoices to track tax information and process transactions between businesses and government.

The content in these digital documents is confidential and should only be known to the recipient and issuer. It is important to assure safe delivery and integrity of these files. So how do you keep your electronic invoices safe? A simple and most secure solution is to employ the use of hardware security modules, otherwise known as HSMs. Futurex HSMs are capable of transmitting data securely over networks and digitally signing these invoices. This digital signature is a form of encryption that is applied real-time and on the fly to each invoice, giving it a unique ID that can be validated at any time, this way we can be sure it was produced by the issuer and the content is authentic.

Here is an example: In some countries, governments use a certified third-party business to receive records, digitally certify and sign these records, and then send them to the government.

Futurex’s Excrypt SSP9000 is an HSM that is capable of performing this kind of encryption, adding an important layer of security to your digital invoices. It is also important to mention that security standards require the use of compliant processes and equipment. The Excrypt SSP9000 is fully compliant with today’s security standards and equipped to adapt to any emerging standards.

For more information on an applied solution, download our case study illustrating how the Excrypt SSP9000 helps Mis e-Folios, a third-party organization that processes electronic invoicing for Servicio de AdministraciĂłn Tributaria in Mexico.


Bookmark and Share

Truly Xceptional Support: Our Promise to You

by Rachel Barnett on March 16th, 2015

Just how important is customer service when choosing to use a new business? At Futurex, we believe it is a chief component of the decision-making process, which is why we put great thought and effort into making our Xceptional Support best-in-class. Recently, Forbes Insights released a study titled “Modern Customer Service: Are You Outpacing Your Executive Peers?” that gave some insight into the current state of customer service among businesses spanning 10 different industries, including technology companies.

The study revealed that only 35% of businesses emphasize “knowledge management” in their customer service strategies, but that 51% of companies plan to invest in that area this year. Knowledge management refers to the idea that customer service employees should be skilled and knowledgeable in responding to their customers’ issues, with the ability to resolve any questions with little to no escalation. This concept is an integral part of Futurex’s Xceptional Support methodology; we employ CTGA-accredited Solutions Architects who handle both infrastructure implementation AND on-going support. This cross-departmental method ensures the people handling our customers’ issues are well-equipped to handle any problems expertly and efficiently.

One of the main features of Futurex’s support services is that our customers have choices on the level of support they want. Whether they’re opting for our extended hardware warranty, our Non-Business Critical Xceptional Support, or our Business-Critical Xceptional Support, Futurex will be there for them. Curious about what Futurex support can do for you? Check out this infographic:


Bookmark and Share