What is Insecure Cryptographic Storage?
Insecure Cryptographic Storage isn’t a single vulnerability, but a collection of vulnerabilities that compromise data storage. Usually, this collection involves encryption of very sensitive data. Known causes are incorrect encryption of data, improper key storage and management, using known bad algorithms or using your own insecure cryptography. While most modern cryptographic algorithms are extremely resilient, most attackers will go after how you are using the cryptography, not the actual cryptography itself.
What are the risks?
Usually information that has been encrypted is to protect very sensitive data such as; personal identifiable information, trade secrets, healthcare records, financial data and credit card numbers. Most attackers have a motive and will go after how you are using the cryptography, not the actual cryptography itself, thus exploiting sensitive data. Once compromised, loss of such delicate information will be costly to your business, your reputation and possibly face legal fines.
How we can help detect Insecure Cryptographic Storage and protect you?
First, we identify and locate flaws in any key stroke management and/or possible inputting of incorrect encryption codes. We will determine whether you are using insecure algorithms designed by you or a known outside source. In doing so, we will also run a security scan to target these issues and provide a detailed report with active solutions and recommendations to help protect your business and your clients in all ways.
For more information on how to protect your system or suspect you are under attack, please contact us immediately.
© 2012 Toronto Professional services LTD. All rights reserved