CYPHYX is a dynamic company with cutting-edge products that will solve problems or needs.
Protection only begins with Encryption
As with most breaches this one began with the target company having a weak security position and utilizing products that were only partial solutions to a critical problem. Encrypting their databases would normally protect sensitive data from exposure if the hack is simple, but more complex hacks involving the ability to acquire administrator level access require a more diverse and encompassing level of security.
SQrazorLoc, our database protection product, is such a solution because it doesn't stop at merely protecting the database, it also protects what applications can then access the database through it's secure gateway. Many existing products on the market are capable of encrypting the database, but lack the ability to manage the encryption parameters such as encryption keys. Other products are capable of managing the entire encryption process including all parameters, but still lack the ability to control what applications have access to the database. In both cases the critical solution lacks some component that leaves open a pathway for hackers to acquire the data even while it is secured through encryption.
CYPHYX took a different approach by first eliminating the need to manage the encryption parameters and second by controlling what applications can access the database. This dynamic approach means that the data is secured and encrypted, but also the access to the data through this product is also secured to ensure that a data breach is difficult and time consuming. While the hackers in this breach were able to first gain access to the encryption keys, they were also able to copy the entire database without the need to decrypt it first and thus spent the least amount of time with the least number of touchpoints ensuring their hack was as difficult to track and detect as possible.
Many solutions today only tackle one component of the problem, CYPHYX and SQrazorLoc tackles all components of the problem and competently addresses them to ensure the best protection for our customers.
UPS ( NYSE: UPS) and Norfolk Southern ( NYSE: NSC) said they are looking into whether employee health data was compromised after hackers posted medical records of truck drivers and rail workers to a leak site following an apparent ransomware attack and data breach at a Virginia-based occupational health-care provider.
For really secure communications, you then need to share a new key each time you want to communicate information that is supposed to be secret. The use of a new key each time is considered to be equivalent to using what cryptographers call a one-time pad. A one-time pad harkens back to the days when an actual encryption key was distributed on paper and a unique sheet of paper was used each time. Because each key is used only once, cracking such encryption is difficult.Wayne Rash, eWeek article, "Why Quantum-Resistant Encryption Needs Quantum Key Distribution for Real Security"