Category Archives for "Security"

Secure HTTPS Headers for JavaScript with Lambda@Edge

Delivering JavaScript securely is super important when you do crypto in the browser. Since the web version of our InnoVault product does browser-based key generation and encryption, it relies on secure JavaScript code delivery. With the help of the good folks at Amazon, Tozny has been running a pilot with Amazon Web Services’ (AWS) new Lambda@Edge capability to add secure HTTPS headers to the scripts we deliver on the CloudFront CDN. …

Tozny Launches InnoVault – Encryption Toolkit For Developers

InnoVault Encryption Logo

We are proud to announce the release of our latest product, InnoVault — a toolkit that enables developers building websites, apps, and other software to easily embed end-to-end encryption for data security and privacy. 2016 saw a 40% increase in data breaches over 2015, and the team here at Tozny decided we wanted to do something about it. InnoVault is our answer to protecting user data with the same type of robust measures already used for credit cards, …

NIST Global City Teams Challenge Super Action Cluster Summit

Tozny recently participated in the Global City Teams Challenge Super Action Cluster Summit with a focus on the security and privacy of connected vehicles.

Feb 01, 2017 to Feb 02, 2017

12:30 pm — C123/124
Lunch Keynote: Data Protection, Privacy and Security, and Smart Cities
This panel will discuss transportation cybersecurity issues within a Smart Cities framework with an emphasis on privacy, trust, and identity, and EV charging, storage, …

Data Privacy for Activists

This past weekend, one of our great engineers, Greg Stromire hosted a workshop entitled“Data Privacy for Activists” here in Portland. The twenty-five very curious audience members dug into topics like: password practices; easy VPN use; encrypted email; protecting your mobile device.

With how relevant this workshop was in the current environment, we thought we would post the top take-aways that Greg presented so everyone could benefit from his presentation.

DNC’s Email Leak Reinforces NIST’s “Security Fatigue” Study

Security Fatigue NIST

A newly released report from the National Institute for Standards and Technology (NIST) suggests that users are in a state of “security fatigue” that leads them to risky-behavior in their digital lives.

The study defines security fatigue as a weariness or reluctance to deal with computer security.  “Researchers found that the result of weariness leads to feelings of resignation and loss of control. These reactions can lead to avoiding decisions, …

Post Yahoo, Passwords are Passé

14% of Worldwide Internet Users Were Exposed

I’m sure if you are reading this, you are already aware of the historic Yahoo data breach that was announced last week.  500 million accounts affected — the largest number of accounts ever affected by a known breach.  Let’s put that into perspective — according to the US Census Population Clock, the current population of the US is 324 million.  That means this hack could have contained an account for single person in the United States and still had 126 million accounts to spare.  …