Terminator emails just keep coming!

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

In my last post on this subject I suggested, tongue somewhat in cheek, that the Gavrilo Princip (assassin of the Archduke Ferdinand and trigger of the First World War) of our time might be poor email security. I was inspired by the threats of retaliation uttered by U.S. Vice President Joe Biden and directed at Russia.

Today, post the U.S. Presidential Election and with the Democrats having been “Trumped”, things have become even more surreal. Now, we have CIA reports pointing the finger at the Russians, Wikileaks saying “nope, it was an inside job”, a sizable portion of the U.S. population believing Putin swung the election, Obama retaliating with the largest peacetime expulsion of foreign diplomats in U.S. history, and Trump vowing the only true security will come from metaphorically reinstating the Pony Express. It is amazing the trouble a few phishing emails can cause!

Now, I am savvy enough to know that all involved are using this situation to push their own political narratives and the real truth will probably never be known. One thing is indisputable however: communications security at the highest level of the Clinton campaign and the Democratic Party was non-existent. If this is really what cost them the election they have only themselves to blame.

If you park your car in a bad part of town, with the door open and the key in the ignition, you deserve no sympathy when the inevitable happens. Now we are all subject to the law of unintended consequences as events pinball in unexpected directions with possibly severe outcomes.

I reiterate – what a mess! How sophisticated people could cause this kind of nightmare by using an antiquated and flawed technology like email for sensitive communications is beyond me. Sensitive communications require complete, reliable privacy and at the same time oversight and governance, so that appropriate records are maintained when they should be and reliably disposed of when they should not.

The technology exists at Evizone. It is reliable, easy to use and cheap. Wake up folks! If the elite of the United States can get this messed up by email, it can happen to anyone. That is why at Evizone we are all about Safe Communications Now!

Bill Wells is the Chairman of Evizone. This blog originally appeared on Bill’s LinkedIn page.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

Yahoo’s security issues just became one billion times worse

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

2016 wasn’t a good year for Yahoo.

After announcing in September that 500 million user email accounts had been hacked in 2014, it was revealed in October that the company itself had been spying on users and collecting the data for the NSA and FBI.

Now, a new hack has been disclosed, and it is much, MUCH worse than imaginable.

Over one billion user accounts were breeched in a cyberattack launched in August 2013. It is now believed to be the world’s largest known attack on an email service (the title was previously held by… Yahoo, for the 2014 breech).

As Reuters reports:

“The company, which is being acquired by Verizon Communication Inc for US$4.83 billion, said an unauthorized third party had stolen the data in the latest breach and that it was working closely with law enforcement.

The company said it has not been able to identify the intrusion associated with the theft.

Yahoo said the stolen user account information may have included names, e-mail addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.

Payment card data and bank account information were not stored in the system believed to be affected, the company said.”

If Yahoo ever attempted to include basic security measures in their email platform, you would never know it. Even the “encrypted” security questions were stolen.

This new information has produced real consequences for Yahoo. In Canada, the company faces a $50 million class-action lawsuit, launched by a user who “used email to chat about a wide range of personal information, including financial and health information.”

Verizon, which plans to purchase Yahoo’s internet business, is demanding that Yahoo be repriced following the hack and has threatened to go to court if this does not happen. After the September announcement, Verizon had reduced their offer by $1 billion – the acquisition cost could be reduced even more this time.

Email is not the communication platform of the future. There are few security measures used in in this mode of communication, and none of them provide complete coverage. As Evizone Chairman Bill Wells outlined in a previous blog, anyone looking for secure communications needs to look for TELM:

  • Transmission
  • End Recipient
  • Life Cycle
  • Meta Data

If a security weakness is involved with any of these items – no matter how secure the rest is – your communications are vulnerable to a cybercriminal. Unfortunately, this is the case for any email service.

Evizone’s Secure Communications service is different. It provides complete TELM coverage for companies, ensuring that data is always protected behind a patented, military-grade encryption system that keeps out unwanted prying eyes.

One billion accounts hacked is one billion too many.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

Your email encryption is useless

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

TELM – The Four Dimensions of Electronic Communications Security

We are all familiar with the careers and organizations laid waste by hacked emails – Hillary Clinton, John Podesta, the Democratic National Committee, Sony – the list goes on and on. Whether it’s the Russians, the North Koreans, the Romanians, the Chinese, the kid around the corner, the Tooth Fairy or all of the above – nobody knows and it just keeps coming. This is what happens when an outdated and flawed technology meets the real world.

In supposedly sophisticated circles the emerging answer to the problem seems to be encrypt your emails, texts, Snapchats, WhatsApps, etc. and problem solved. Unfortunately this is yet another tech bait and switch. The purveyors of these solutions know very well that encryption alone does not solve anything, but you will never hear it from them.

Let me provide a framework for thinking about TRUE electronic communications security – Transmission, End Recipient, Life Cycle and Meta Data or TELM for short. Only once all these threats are resolved can true security be established. Let’s address them individually to understand the threat.

TRANSMISSION

This is what current encryption of electronic communications is designed to address, the threat that someone will intercept your communication en-route and read it. Fair enough, most forms of encryption do an adequate job. What they do not tell you however, is that encryption evolves, as does code breaking. Old versions of encryption are vulnerable and, by the way, the current architecture of electronic communications leaves several if not dozens of copies of your encrypted communication lying around in various servers totally out of your control. These copies will probably be there for years, long after their encryption standard is past its expiry date and extremely vulnerable.

END RECIPIENT

Another thing the encryption providers will not point out is that your sensitive electronic communication will be decrypted by the end recipient and immediately become unprotected. Who knows what the security environment of the recipient is – perhaps it’s Fort Knox, probably far from it. Once you hit send you have given the recipient total control over your communication. Will they forward, copy, print or archive your communication and with what kind of security? You will never know where that information actually ended up – perhaps on Anthony Weiner’s hard drive, to cite a perfect example of this problem.

LIFE CYCLE

Just how long will your vulnerable communications be at risk? Email is eternal – so is decrypted email. Are you sure that five years from now your innocent jokes with friends are not going to pop up with the worst possible interpretation imposed? Or what if your communication was required to be preserved for regulatory purposes, a lawsuit or an investigation, and it got wiped or went mysteriously missing (perhaps an accidental hammer to someone’s hard drive). True security requires total control over electronic communications throughout their life cycle – be it one day or seven years.

META DATA

Ahhh! – The mystical Meta Data, so mysterious and so powerful. Let’s say you have solved all the problems of Transmission, End Recipient and Life Cycle, are you not now finally secure? Sorry, but the answer is no. Even if your sensitive communication is kept secure throughout its existence it will still reveal much that you do not want prying eyes to know. It is standard practice for governments, security agencies and who knows who else, to monitor network traffic and see who is talking with who, what are the file sizes, how often, are there patterns to the communication, what are the email addresses, phone numbers, etc. This is all mapped and reveals an enormous amount of sensitive information. So even if your communications are fully encrypted and remain so, you are still revealing far too much to prying eyes. If you use conventional email, encrypted email, SMS/texts, chat, social media, phone calls and practically any existing form of electronic communication, you are vulnerable.

So now we have a standard against which to measure true electronic communications security – TELM. Check the methods of electronic communications you use against TELM and see how they stack up – not well I imagine.

Before you scream with total frustration and revert to carrier pigeons, there is a solution. This is why I founded Evizone. We have spent years thinking about the issues involved in true electronic communications security and have patented solutions to these issues. Evizone’s Secure Communications service provides the strongest security for sensitive electronic communications commercially available. It satisfies all the TELM requirements. Contact us at evizone.com to see Evizone Secure Communications in action and understand how it answers all the challenges of TELM. We are waiting for your call!

 

Encryption: how can companies balance privacy and the law?

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

This week, Canada’s fourteen privacy commissioners made a public declaration against increasing the government’s ability to decipher encrypted devices.

According to the Globe and Mail, the group was led by federal Privacy Commissioner Daniel Therrien who stated that:

“This is not the time to further expand state powers and reduce individual rights. This is the time to enhance both legal standards and oversight to ensure we do not repeat past mistakes and achieve real balance between security and respect for basic individual rights… We have seen too many cases of inappropriate and sometimes illegal conduct by state officials that have impacted on the rights of ordinary citizens not suspected of criminal or terrorist activities.”

He also went on to say encryption technology benefits honest Canadians who want a secure means of communications. “Encryption is a benefit for the population at large.”

We could not agree with Mr. Therrien more.

The Privacy Commissioner’s comments were made following the publication of a green paper by the Public Safety Ministry which asked:

  • If the Government were to consider options to address the challenges encryption poses in law enforcement and national security investigations, in what circumstances, if any, should investigators have the ability to compel individuals or companies to assist with decryption?
  • How can law enforcement and national security agencies reduce the effectiveness of encryption for individuals and organizations involved in crime or threats to the security of Canada, yet not limit the beneficial uses of encryption by those not involved in illegal activities?

Should the government have the ability to force individuals or companies to break their own encryption without evidence of wrong doing? No.

Can the government effectively allow encryption for legal activities but stop it for illegal ones? Yes – by requiring that encryption can be broken when ordered by a court with jurisdiction and requiring that service providers maintain auditable records of communications and the ability to provide transparency when required.

It is important to a strike the balance between protection of privacy and the legitimate needs of law enforcement. Such a balance is the basis on which Evizone’s products were built.

Evizone Secure Communications (ESC), our patented communications platform, provides the strongest security commercially available to protect privacy.

Evizone Communications Governance (ECG) is an enterprise message archiving tool (compliance and eDiscovery). ECG provides electronic communications transparency for organizations dealing with any sort of regulatory body or legal issue and shows proof of supervision.

Organizations are encouraged to cooperate with law enforcement when there are legitimate security concerns. ECG allows a company to quickly collect records and information within a system and automatically create a report to deal with a matter internally or share it with the authorities. It makes the task of cooperation much faster, easier and more effective. The automatically generated reports only include the information necessary to cooperate with an authorities’ request.

Privacy is paramount – the government should not have the ability to willfully infringe on fundamental rights. Yet when it comes to encryption, companies must have tools available to them to cooperate with the authorities and demonstrate proof of supervision. With Evizone, they do.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

You can now rent an army of malicious robots for a small fee

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

Last week, the Evizone blog introduced you to the growing safety concerns regarding unencrypted Internet of Things (IoT) devices. For the owners of the devices, a hack can mean a complete infiltration of a digital network, leaving all their data vulnerable.

But the threat to corporations is just as dire. More details emerged this week on the growing prevalence of Botnet attacks.

According to Motherboard,

“Two hackers appear to have created a new powerful zombie army of hacked Internet of Things devices with a modified version of the infamous malware Mirai. The cybercriminals are offering the powerful botnet to anyone who’s willing to pay to launch crippling distributed denial of service (DDoS) cyberattacks.

[They] claim to have improved Mirai to infect new devices—mostly routers. This new variant gives them the ability to potentially harvest hundreds of thousands, perhaps millions, of new bots, according to security researchers.

One of the two hackers behind this new Mirai variant said they have control over one million hacked devices.”

That’s right, an army of dormant televisions, computers, smart lamps, WiFi enabled refrigerators, and other common household items are being offered to anyone willing to pay for it. To mount an attack, the hackers use these devices to overload a target’s network, shutting them down completely. The hackers offer different price plans, according to Motherboard.

“For as little as $2,000, the hacker said, a customer can rent 20,000 to 25,000 nodes to launch intermittent one-hour long attacks over the span of two weeks, with 15 minutes of “cooldown” time between attacks. For $15,000 or $20,000, customers can get 600,000 bots to launch 2-hour-long attacks with 30 or 15 minutes of “cooldown” time. This costlier package gives customers 700 gbps of traffic or more, according to the hacker.”

For companies vulnerable to attacks, this is very concerning information. It’s quite difficult to ward off such cyberthreats, and an attack can lead to permanent damage and data loss.

These types of hacks have brought down websites and apps as large as Twitter and Spotify. And Botnet networks like the one described above are only getting more powerful.

The best practice for any company is to make sure that vulnerable data is secured and encrypted using software like Evizone’s. This ensures that an attack would never expose sensitive information to anyone who shouldn’t have access to it.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

What is your metadata and why are people trying to steal it?

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

It’s one of those terms that gets thrown around whenever people talk about cybersecurity. Everyone has heard of it, but why is metadata so important, and why is it so vulnerable?

Simply put, metadata is data about data. Let’s say you send a text message to someone. That text itself is data. The metadata includes the phone numbers involved in the interaction, the time the message was sent at, as well as the location of the sender and receiver. This information is collected by cell phone service providers.

When it was revealed that the NSA collected data on U.S. citizens, it was this metadata that they were gathering. With sophisticated tools, a web of interactions can be created to see how one person is linked to another person – similar to LinkedIn connections – and trace a person’s location and habits in consequence.

But it’s not just text messages and phone calls that use metadata. Metadata is created when you browse the Internet, send emails, check Twitter on your iPhone, and even when you flip through your smart TV. With the rise of the Internet of Things (IoT), your Wi-Fi connected toaster might be creating pools of information as well. This may seem innocent enough, but the implications of data being stored from every device poses certain risks. A report from the Internet Society highlights these growing concerns:

“Seemingly benign combinations of IoT data streams also can jeopardize privacy. When individual data streams are combined or correlated, often a more invasive digital portrait is painted of the individual than can be realized from an individual IoT data stream. For example, a user’s Internet-enabled toothbrush might capture and transmit innocuous data about a person’s tooth-brushing habits. But if the user’s refrigerator reports the inventory of the foods he eats and his fitness-tracking device reports his activity data, the combination of these data streams paint a much more detailed and private description of the person’s overall health. This data-aggregation effect can be particularly potent with respect to IoT devices because many produce additional metadata like time stamps and geolocation information, which adds even more specificity about the user.”

The value of this data seems clearer now – and not just to the authorities. If a hacker can monitor your activity to find out when you leave your house, there’s a good chance they can also modify the settings on your smartphone-connected door lock. Once a hacker has access to a device in a home network, every device is vulnerable. Many IoT devices lack simple authentication or encryption features, making them much more at risk to outside interference.

The IoT industry is fairly new, and they will learn the hard way about the need to include more security features in their devices. Just last month, PayPal, Twitter, Spotify and others were brought down by a hack that directed computers, webcams, cameras, fridges, and toasters to overload the companies’ servers with data, causing them to crash.

If you’re worried about the collection of your IoT metadata, there are ways to secure yourself by researching best practices online, though they are not all foolproof.

For communications by email and smart phone, the most secure system commercially available is Evizone.

With Evizone, there is no metadata captured in any interaction. Communications exclusively pass through and are stored in Evizone’s private servers. These servers are protected with military-grade encryption. The data stored is scrambled in small clusters of bytes, ensuring that no data can ever be extracted or pieced together by anyone but the intended user.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

Cybersecurity concerns persist post-election

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

To say that Hillary Clinton’s email problems were her downfall would be gratuitous, but there’s no question that it contributed to a certain narrative about her character and abilities. We’ll leave it to more suited analysts to conduct the postmortem on her campaign.

However, now that Donald Trump is President-Elect, there is no question that cybersecurity should still be top of mind.

Over at Tech News World, a columnist writes that Donald Trump may have been the better candidate when it comes to technology:

“I actually think Trump could be a better technology candidate than Clinton would have been. That is because [Clinton] just didn’t seem to fundamentally get why a personal email server was a huge security breach, nor how classifications actually work. That was during a time when the nation was under a massive cyber threat — and still is.”

“While Trump has few positions, he actually has a strong one on cybersecurity. He has argued that the U.S. has obsolete cybersecurity capabilities and is falling behind other countries, according to the ITIF, and both of those observations are correct. He has argued that cyber has to be part of our thought processes.

He also has promised to enforce stronger protections against Chinese hackers and that U.S. responses will be swift, robust and unequivocal. While I’d personally like to omit the Chinese part of this — a response strategy should apply to anyone, not just China — but it is a solid step in the right direction.

Trump doesn’t have a lot of positions, which suggests the ones he does have will get the greatest focus. The fact that he calls out cybersecurity so prominently is a good sign.”

Wired Magazine takes a less rosy perspective. Mentioning that the President-Elect called for Russian hackers to dig up old Clinton emails during the campaign and that he was accused of routinely eavesdropping on guests at his hotels, they worry about what he would do with the NSA’s capabilities. They mention that “Edward Snowden and other privacy activists warned that the surveillance powers expanded under Obama could be abused by Trump and called for Americans to use encryption tools to protect themselves. “

Fusion goes even further with a guide on how to protect yourself in Trump’s “surveillance state” as he gains hold of advanced digital capabilities. The key message? “Encrypt all your communications.”

Forbes took a more balanced approach, acknowledging that Donald Trump campaign platform called for an improvement in the United States’ cybersecurity strategy, but that these promises were vague on actual action:

“Apart from a half-dozen bullet points on his website, Trump doesn’t offer many specifics about his cybersecurity plans. His interview responses over the past several months may have left us with more questions than answers. During a two-day discussion with reporters from the New York Times, Trump stated that the U.S. is “so obsolete in cyber,” and that “we just seem to be toyed with by so many different countries.”

He didn’t provide any examples to back that statement up, but he was at least right on that count. Critical infrastructure is constantly being probed from beyond our borders.”

When it comes to cybersecurity, it doesn’t really matter who is elected to lead a government – threats can come from anywhere, whether it’s in your own country or from abroad. It is up to every individual and each company to protect and encrypt their data. As we have previously written, nobody should rely on the government to keep their digital property safe.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

Both the FBI and the Democratic Party would have benefited from Evizone Communications Governance

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

It’s Election Day in America, and the polls numbers between Donald Trump and Hillary Clinton are closer than they ever should have been. On the day of the third presidential debate, FiveThirtyEight gave Clinton a staggering 87.3% chance of winning the election, a complete landslide.

As of last night, her chances were down to 68.5% with several battleground states in play, and she will likely fail to reach the fifty per cent mark of the popular vote if she does win the presidency – which remains a big if.

How did she get to this point? Emails.

Last week, we argued that John Podesta should have been using Evizone to protect his communications, but now that list should be expanded.

As you likely know by now, the FBI reopened their investigation into Hillary Clinton’s email practices less than two weeks ago, causing a great deal of controversy. The FBI revelation came after Clinton-related emails were found on former congressman Anthony Weiner’s computer, the husband of Clinton aide Huma Abedin. Two days before the election, the FBI closed the investigation once again, finding nothing incriminating.

What’s incredible is that the investigation was launched before the FBI had any idea what they would find, and even before they had a warrant. As it turns out, Weiner’s data contained only duplicates of what the FBI had already looked at.

This episode displays a lack of digital organization on the part of both the FBI and the Democratic Party, a mess that could have been avoided if both organizations used our Evizone Communications Governance (ECG) system.

Evizone Communications Governance is a message archiving, compliance and e-discovery tool that manages all of an organization’s electronic communications using the strongest security available. Featuring high-speed access, comprehensive intelligent search functionality, a robust governance model, and tamper-proof regulatory compliance, the platform consolidates communications from multiple sources and methods, including Evizone Secure Communications, and most email, instant message and chat services.

Had the Democratic Party used Evizone Communications Governance (ECG) and Evizone Secure Communications (ESC), the party could have quickly dispelled any notion of criminal wrongdoing by the Clinton team through an automated activity report and compliance archives.

Had the FBI used Evizone Communications Governance software, it would have taken them less than eight days to scan through Weiner’s data and determine that there was nothing of value. Indeed, a query of 650,000 messages using ECG to identify those requiring deeper review would take only a few minutes! A shorter investigation period would have avoided claims that the FBI was intervening in the political process by letting the investigation drag on until two days before the election.

We don’t know what system the FBI uses for their digital investigations, and we can likely assume that the Democratic Party has no central compliance system to keep track of communications within their network. However, the email mess shows just how important it is to be organized and updated with the latest technology. Evizone uses military grade encryption and patented communications software to ensure that everything is recorded and archived, as well as 100% secure.

Hopefully many organizations will learn from this crisis that, for better or for worse, irreversibly affected the path of this election.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

John Podesta’s emails were hacked in the most preventable way possible

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

You’ve received this email before.

The layout of the message looks like it’s from your email provider or sometimes even from your bank, saying that someone has tried getting into your account and you need to change your password ASAP. A big button says it will lead you to the right place to do this. But something looks off – the font of the email doesn’t match the corporate brand, or the email address looks a little strange.

Most of the time, you probably ignore the message, recognizing that it’s likely a phishing scheme.

This did not happen when the chairman of Hillary Clinton’s campaign received an email from Google saying someone in Ukraine was trying to get into his email account.

Instead, John Podesta or a staffer working for him clicked that big button and entered his password in a fake webpage, giving the hackers – working for the Russian government according to many accounts – access to all his communications, which was eventually leaked to WikiLeaks.

These spear-phishing hacks are very common, especially in business. According to Symantec, spear-phishing campaigns targeting corporate employees increased 55% in 2015. They’re also aimed at SMBs at a higher rate, likely due to the assumption that small companies have fewer security features.

Why the Clinton campaign’s chairman was allowed to use a Gmail account to share such sensitive information in the first place is beyond us. But aside from having the common sense to view emails asking for your password skeptically, there are many ways to protect your data.

Evizone’s communication software not only encrypts all your sensitive information onto military-grade secure servers, but the platform also doesn’t allow for downloading view-only information. With a good document retention policy, automatically enforced by Evizone, all those thousands of messages from years ago will be gone forever and not available to hackers. You can also opt for two-factor authentication and you will be informed if someone tries to access your account from a new device. No more spear-phishing!

So John Podesta: if you’re reading this, give us a call. We’ll make sure no one ever gets into your confidential electronic communications ever again.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

Terminator e-mails wreak havoc on Democrats

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE

Terminator e-mails keep popping up out of nowhere to wreak destruction on the Democratic party and the U.S. Presidential race. Like the mindless killing machine, the e-mails too seem unstoppable. Not even BleachBit and a sledgehammer to a cell phone or hard drive can ensure their destruction.

Improperly handled e-mail has lead to multiple investigations by Congress and the FBI with more sure to come. So far the Chair of the DNC has had to resign, the race for the presidency is in the balance, Hillary Clinton’s closest aide, Huma Abedin, is in an extremely precarious position, national security may have been compromised and relations with the Russians so poisoned that Joe Biden, the Vice President of the United States, actually threatened retaliatory U.S. action; a possible casus belli. In which case the Gavrilo Princip of our time would be… e-mail.

Even if Hillary Clinton is elected President, it is certain investigations into her e-mails and those of her colleagues will continue. At the least this will cause significant disruption to her agenda and the smooth operation of the U.S. government. At worst it may lead to indictments and possible impeachment. Her administration may be crippled from the very start and the cause of all this – improperly handled e-mail.

Lest we think that it is only Hillary Clinton who has been “extremely careless”,  Wikileaks has been releasing a steady drip of bombshell e-mails from and between multiple leaders of the Democratic party, including John Podesta, former Chief of Staff for Bill Clinton. Even Barrack Obama appears to have been e-mailing using a pseudonym. The latest development is discovery of a laptop belonging either to Huma Abedin or her estranged husband Anthony Weiner and used by both. The laptop contains many thousands of e-mails pertaining to the investigation of Hillary Clinton’s home server by the FBI. An investigation which has now been reopened, thus tossing a small nuclear device into the last few days of the U.S. Presidential election. To add icing to the cake, Anthony Weiner has a serious issue with sexting any woman who responds. The man is a walking national security risk and yet he appears to have had access to the thousands of e mails pertaining to Huma Abedin’s work for Hillary Clinton and the U.S. State Department.

It is clear that communications security is non-existent at the highest levels of the Democratic Party. The idea that using home servers and pseudonyms somehow ensures security is laughable. BleachBit and hammers are equally ludicrous. E-mail once sent is everywhere. There are an unknown number of copies at origin, destination and every point in between. Even encrypted e mail suffers the same flaw. Now Kim Dotcom is in the act, pointing out that the NSA undoubtedly has copies of all this e mail traffic on its servers. It only requires a simple search routine to retrieve it.

What a mess! How sophisticated people could cause this kind of nightmare by using an antiquated and flawed technology like e mail for sensitive communications is beyond me. Sensitive communications require complete, reliable privacy and at the same time oversight and governance, so that appropriate records are maintained when they should be and reliably disposed of when they should not. The technology exists at Evizone. It is reliable, easy to use and cheap. Wake up folks. If the elite of the United States can get this messed up by e mail, it can happen to anyone. That is why at Evizone we are all about Safe Communications Now!

Bill Wells is the Chairman of Evizone. This blog originally appeared on Bill’s LinkedIn page.


About Evizone Ltd.
Evizone Ltd. is a revolutionary secure communications, encryption and compliance software and service provider based in Montreal, Quebec, Canada. Evizone offers innovative enterprise solutions in secure messaging (next generation beyond encrypted e mail) and encryption, encryption at rest, regulatory compliance, compliance archiving, WORM compliance, 17a-4 compliance, document life cycle management and communications governance and risk management. Evizone’s services protect organizations through best in class security, encryption, recipient controls, document life cycle management, discovery management, compliance management, compliance archiving, tamper proof WORM and 17a-4 compliance archiving and complete audit records against the enormous damage caused by communications breaches. Evizone’s patented technologies offer a level of security impossible to obtain with conventional or encrypted email and fast, powerful, user friendly compliance archiving. Evizone’s services are immediately available on multiple platforms and provide the strongest commercially available communications security and compliance archiving. You can follow Evizone on Facebook, Twitter, and LinkedIn.

Contact:
Tom Kott, HATLEY Strategy Advisors, 514.316.7082, tkott@hatleystrategies.com

 

LEARN MORE                     FREE TRIAL                          CONTACT EVIZONE