Administrators confident about the safety of their data encrypted on company laptops should start squirming if a recent court decision passes muster in the United States.

The case involves a Colorado woman who has been ordered to open the encrypted drives on her laptop for federal investigators.

Unlike the cops on television shows and movies, who always seem to have a computer wizard on hand to decrypt a hard drive or crack a password, law enforcement authorities in Colorado, stymied by the encryption on a notebook in the possession of Romona Fricosu, simply went to a judge and asked him to order her to type in her password so they could see what was in the encrypted files.

In arguing against opening the files, Fricosu claimed doing so would violate her civil rights, in particular her Fifth Amendment rights against self-incrimination. Her reasoning was that the government, by forcing her to give up her password for decrypting the drive, were forcing her to incriminate herself if there were anything on the drive tying her to their criminal investigation of a mortgage scam. They believe Friscou is involved the scam that defrauded banks in the Colorado Springs area of some $900,000. Continue reading Government Can Force You to Decrypt Your Data

Google recently hung a ‘going out of business’ sign on its Message Continuity service for users of Microsoft Exchange. Google will continue to provide the service to its users until their contracts run out, but after that, they’re on their own.

Since the service was launched a little over a year ago, “hundreds” of businesses have subscribed to the offering, which uses Google’s cloud to provide email continuity when a Microsoft Exchange environment is interrupted for any reason.

Hundreds of users, though, can’t compete with the “millions” of businesses that have moved their entire email operation to Google Apps, so Searchzilla has decided to scrap its continuity product for Exchange  and concentrate all its resources on its application suite. Continue reading Google Deserts Exchange Users by Killing Message Continuity

Gates: Momentous security memo

For computer security experts, January 15 marked the anniversary of a red letter day. It was the 10th anniversary of the day that Microsoft decided to get serious about security.

On that day in 2002, a memo from Bill Gates to Microsoft employees declared the company would be entering a new era, an era of “Trustworthy Computing.”

“In the past,” Gates wrote, “we’ve made our software and services more compelling for users by adding new features and functionality, and by making our platform richly extensible. We’ve done a terrific job at that, but all those great features won’t matter unless customers trust our software.”

“So now,” he continued, “when we face a choice between adding features and resolving security issues, we need to choose security.” Continue reading Microsoft’s Trustworthy Computing Program Turns 10

Gestures can replace passwords in Windows 8.

Why it has taken Microsoft so long to make password security more than an afterthought when it introduces a new operating system is anybody’s guess. Nevertheless, with Windows 8 it is making an effort to help users manage their passwords in an efficient and secure way.

Everyone has dozens of accounts they need for which they need to memorize passwords. Most people, though, only commit a few passwords to memory and just reuse them over and over again. A study in 2007, for example, found that the average Internet user had 25 accounts that required password access, but they only used six passwords to access their accounts.

Security pros decry the multiple use of passwords but there are plenty of sites on the web where if your password fell into the wrong hands, the consequences would be trivial. Reusing passwords for those sites should be acceptable. There are sites where unique passwords are a must, though, such as banking or credit card payment sites. Continue reading Windows 8 Offers New Password Features

BYOD can give administrators a headache.

More and more organizations are finding their employees using personal devices to access company data. Without some measure of control, those workers can create serious security problems for their employers.

As much as some administrators would like to block the use of personal devices in the workplace, that’s unlikely to happen for a number of reasons. For example, many employees are already using their own devices at work, as a recent survey by IDC shows. That poll found that 95 percent of workers use one personally purchased device on the job. Continue reading What Should Be in Your BYOD Policy?

Recently we wrote about how workers in the United Kingdom felt compelled to check their email at all times, even during holidays like Christmas. Those same kinds of pressures are felt across the Channel, too, in Germany, but some employers over there are relieving those pressures by turning off the email spigot.

The latest employer to do that is auto maker Volkswagen. The Kaiser of Fahrvergnügen cut a deal with its unions recently to shut-off outbound mail from its Blackberry servers to rank-and-file workers from one half hour after close of business to one half hour before office hours begin each day. The agreement doesn’t apply to managers and executives at the company. Continue reading Volkswagen Shuts Off Email Servers After Business Hours

Despite the claims of one CEO of a major global high tech company, many workers believe their internal email is important enough to scrutinize when they should be kicking back and being jolly during the holiday season.

In a poll of some 1000 people with full-time jobs in the United Kingdom, surveyors found that nearly half of the workers (46 percent) intend to check their office email either frequently (15 percent) or intermittently (31 percent) during yuletide. About a third of the sample (34 percent) said they’d totally resist the temptation to check their email during their stay at home during the festive period. Continue reading Santa Checks His List; Everyone Else Their Email

There’s an appealing logic to the notion that as technologies focused on a problem improve, the problem will diminish. That’s not always the case, however, and it may not be so when it comes to plugging email leaks.

Technologies don’t develop in bubbles. While improvements in Data Loss Prevention (DLP) technology are advancing, so are other technologies, technologies and trends that can offset or undermine those improvements. Continue reading Plugging Email Leaks Becoming Tougher Than Ever

Some $87 billion in wasted time a year could be saved in the United Kingdom alone simply by enforcing  better email management by corporate directors and senior managers.

That’s the conclusion reached by a U.K.-based training company after its surveyors discovered that directors and managers waste an hour a day on their jobs because they manage their email poorly.

The estimate from the study conducted by training company Emailogic is based on an average director making $140,000 a year and there being some 4.5 million private companies in the United Kingdom. Continue reading Better Email Management can Save Companies Billion a Year

As the end of November draws near, anticipation is building that Service Pack 2 for Exchange 2010, which was announced in May, will finally be released. Given Microsoft’s track record with the last two roll-up updates for the software, you really can’t blame Redmond for being extra careful with this service pack.

Although originally expected to make it out the door at the end of October, it appears that the new deadline for the service pack is sometime next week, if Microsoft’s general manager for Exchange, Kevin Allison is to be believed. Continue reading Microsoft Exchange 2010 SP2 is Coming Soon