Key Management Should Be Designed First Not Last

Many good conversations about cryptography have ended badly after someone asks this: “How are you managing your keys?” Bad key management undermines even the best cryptography. Why? Because if the bad guy gets the key and the encrypted data, they get the unencrypted data. It’s as simple as that. There are three important things to consider in good key management: …

Why Encrypt Data in an Application? Save money in a data breach

Why encrypt data? Believe it or not, this is one of the most common questions we get in our work. Read on for why encryption saves money and lets you launch your product with confidence. This article is part of our Security Guide series – Encryption for Developers. Read more in that series of in-depth technical articles on getting encryption …

Encryption is Hard for Developers to Get Right

We’ve all heard the admonition, “Don’t roll your own encryption!”. That’s because it’s hard to get encryption right. Let’s take a moment to examine what that means exactly. Probably very few of us would set out to code a replacement for AES or ECC, except maybe for fun. We leave that to the professionals. But as developers, we often use …

Smart City Privacy Principles from the City of Portland

The City of Portland has been part of the national effort to create “smart cities” that operate on better data, and better automation. Smart City privacy has been a challenging area for many cities since more and more data is being collected about us on city streets, sidewalks, and even from our homes. In Portland, where Tozny is located, the …

End-to-end encryption – Why HTTPS is not enough

Apple has gotten a lot of kudos in the security community lately about their approach to end-to-end encryption. WhatsApp and Signal have gotten headlines in years past. Tozny offers end-to-end encryption toolkits for developers, and we often get asked why you should end-to-end encrypt data when HTTPS is pretty secure. This article is part of our Security Guide series –  …

Tozny at php[world]

Eric Mann, from Tozny’s engineering team, will be presenting two talks at 2017’s php[world] conference in Washington, D.C the week of November 15th.

Tozny at SOFWERX

Our CEO, Isaac Potoczny-Jones, will be exhibiting at SOFWERX’s Cyber Capability Expo this October in Tampa, FL.