Code Signing

Digital Certificate Footprint

In today’s digital market trust is imperative. The need to protect your identity from Identity theft and hackers is critical. With software vendors there’s no exception and in fact may be more important because a vendor’s software has the potential to infect millions of user PC’s.

Code Signing Certificates

Code signing certificates prove to the end-user that the software they are and installing belongs to who they think it belongs to and that it wasn't tampered with. It allows the software publisher to digitally sign their code to prove to end-users that it has not been modified by a third party. Unfortunately, even those honorable small business software developers are affected by common criminals. A small vendor may not have the funds for purchasing digital code signing certificates and not doing so, puts them in an environment that appears to be negative. You know, those big yellow warnings when you try to install something. These warnings give no assurance to the user that the software developer is in fact the publisher of the software downloaded.

Not all software developer who develop software and don’t purchase code signing certificates are bad. Sometimes it’s just easier and faster to just deliver the software without signing, although it may not be the smartest way of doing business in today’s cybercrime environment.

Read More

Encryption Everyone Needs

A Bad Word

When it comes to encryption, it almost seems like a bad word. In the days of old, only businesses primarily used encryption to secure data for their customers. However, the unfortunate fact in today’s society is that we all need encryption.

So much of our information is in clear text and a hacker can easily grab passwords and user account information. We’ve heard too many times about the overwhelming amount of information that has been stolen from big corporations and information warehouses such as the Equifax data breach. Not only is sending and receiving information at risk, information that is at rest is also at risk.

Although a lot of big businesses and government municipalities may encrypt a website connection and possible financial information. Unfortunately, they may not use encryption on the data that is resting within their database. Some corporations/agencies may encrypt the user password only within their database and leave all other information flapping in the wind as a flag saying come get me.

Small businesses and individual users sometime feel that they’re not big enough to require any sort of encryption. However, that’s a major misnomer. We see it all the time via our emails that are geared toward stealing information from us. Have you ever received an email that pretended to be from the IRS? How about those interesting emails that just simply say that there from another country and have $7 million to send to you if you only send them your personal information. Information identity theft is on the rise and most people have not taken the recommended steps to secure their identity.

Read More