Secure HTTPS Headers for JavaScript with Lambda@Edge

Delivering JavaScript securely is super important when you do crypto in the browser. Since the web version of our InnoVault product does browser-based key generation and encryption, it relies on secure JavaScript code delivery. With the help of the good folks at Amazon, Tozny has been running a pilot with Amazon Web Services’ (AWS) new Lambda@Edge capability to add secure …

Tozny Launches InnoVault – Encryption Toolkit For Developers

We are proud to announce the release of our latest product, InnoVault – a toolkit that enables developers building websites, apps, and other software to easily embed end-to-end encryption for data security and privacy. 2016 saw a 40% increase in data breaches over 2015, and the team here at Tozny decided we wanted to do something about it. InnoVault is our …

Security for Small Business

As part of an ongoing series, we’re taking a look at security for small business, the tools that are available, and the best practices that keep your business ahead of the curve.

SimpleSAMLphp for Easy Identities

Our most recent series has detailed what’s involved in building and configuring your own centralized authentication service built atop the open source SimpleSAMLphp project.

NIST Global City Teams Challenge Super Action Cluster Summit

Tozny recently participated in the Global City Teams Challenge Super Action Cluster Summit with a focus on the security and privacy of connected vehicles. Feb 01, 2017 to Feb 02, 2017 12:30 pm – C123/124 Lunch Keynote: Data Protection, Privacy and Security, and Smart Cities This panel will discuss transportation cybersecurity issues within a Smart Cities framework with an emphasis on privacy, …

Top Ten Privacy Checklist Before Direct Action

Greg Stromire provided a great list of privacy protections you can take before participating in direct action as a part of his recent Data Privacy for Activists workshop. Because your mobile device is likely to be one of the most obvious ways of breaching your privacy, many of these are about protecting you mobile device.

Data Privacy for Activists

This past weekend, one of our great engineers, Greg Stromire hosted a workshop entitled“Data Privacy for Activists” here in Portland. The twenty-five very curious audience members dug into topics like: password practices; easy VPN use; encrypted email; protecting your mobile device. With how relevant this workshop was in the current environment, we thought we would post the top take-aways that Greg presented so everyone could benefit from his presentation.