Zix Blog

New California Data Breach Notification Statute Defines Encryption

Mon, 11/16/2015 - 10:51 by Neil Farquharson
Most readers won’t have noticed California’s updated breach notification statute , due to take effect on January 1st of 2016. However it is worth noting that California often leads the way with new legislation – good or bad – that will usually be followed by the other states in their own good time. Back in 2003, California became the first state to require the issue of security breach notifications. Since then, nearly every state has followed by enacting laws that require organizations who experience a security breach to notify the affected people. This is the third time in as many years that...
Read More

Moving to The Cloud with ZixHosted Services

Thu, 11/12/2015 - 10:40 by Neil Farquharson
Just the other day, I was chatting with a Zix customer who is considering a move from an on-premises mail server to a cloud-based mail server, in his case Office 365 (O365). His company has been using ZixGateway for a number of years as its email encryption service, and he was aware that he could continue to use his on-premises ZixGateway with a cloud-based O365 solution. I suggested that if he is going to migrate to O365 in the cloud, why not also migrate his Zix Email Encryption and DLP solutions to the cloud. There are great advantages to migrating from an on-premises ZixGateway solution...
Read More

The Forgotten Cyberthreat

Wed, 11/11/2015 - 12:30 by ZixCorp
In case you missed it, The New York Times published a great piece over the weekend: The Cyberthreat Under the Street , and it turns out, there are bigger threats living beneath our streets than some sewer rats or the tall tale of an alligator. The piece begins its report with the statistic that there have been 16 fiber cuts in the San Francisco Bay Area in the past year. What is a fiber cut exactly? In this case, it was the severing of the fiber optic cables that supply telecommunications to the region — a region that happens to house Lawrence Livermore National Laboratory, an overseer...
Read More

Manage Holiday Stress with BYOD

Mon, 11/09/2015 - 13:04 by ZixCorp
It’s that time again. Hectic parking lots, crowded malls and full social calendars — the Holidays are officially upon us. Besides some well-deserved — and likely much needed — time off, what’s the best gift an organization can give to its employees? Many would agree that having the ability to take time off without coming back to a deluge of emails and to check into the office with minimal disruptions to quality family time — or the ability to BYOD — is quite the gift. With BYOD, employees are no longer restricted to the walls of their offices or tied to their laptops. Email, documents and...
Read More

Google’s Project Zero Discovers More BYOD Vulnerabilities

Thu, 11/05/2015 - 13:38 by Neil Farquharson
Google’s Project Zero team has just made public a series of security flaws found on the popular Samsung Galaxy Edge smartphone. Project Zero is a team of Google security analysts formed in July of 2014 with the aim of finding zero-day exploits . It is most famous for releasing details of an exploitable Windows 8.1 bug in January 2015 after giving Microsoft a 90 day notice to issue a patch. Source: Kārlis Dambrāns For the new Galaxy Edge S6 analysis, the Project Zero team gave themselves one week to attempt three challenges: Gain remote access to contacts, photos and messages Gain access...
Read More

Zix Email Encryption Protects Against Faulty TLS Implementations

Tue, 11/03/2015 - 12:49 by Neil Farquharson
A new study from researchers at the University of Michigan, Google and the University of Illinois-Urbana Champaign has confirmed what we at Zix have known for a long time: some ISPs create a situation where emails intended to be encrypted are actually sent across the network unencrypted; meaning that they can be intercepted and read by hackers. The STARTTLS instruction is used by networks to initiate TLS secure sessions, thereby ensuring that encrypted emails are sent securely. Unfortunately some ISPs have been choosing to remove the STARTTLS instruction , while others have been setting up...
Read More

Customer Spotlight – ZixCorp Gives Boost of Confidence to Trinity Health

Tue, 10/27/2015 - 07:58 by ZixCorp
In today’s healthcare industry, it’s not uncommon to find workplaces where the burden of security decisions falls squarely on the shoulders of employees — specifically when it comes to whether or not information transmitted by email should be encrypted. This decision — which could have lasting consequences for a company — is a complex one that could not only expose a patient’s protected health information (PHI) but also be a violation of HIPAA. With sensitive information regularly changing hands among patients, healthcare providers and insurers, each email...
Read More

When it Comes to Email Security, Automation is Key

Mon, 10/26/2015 - 10:45 by Neil Farquharson
We’re always reading about the clever hacks of data networks perpetrated by exploiting any of the hundreds of bugs in Windows, Unix/Linux, Mac OS and so on. Indeed there is now a giant market for companies that offer penetration services: that is, white hat hackers who will, for a fee, systematically attack a client’s network looking for these security weaknesses. John Owen Brennan, victim of email hack Back in May, I wrote a couple of blogs about Kevin Mitnick, the world’s most famous hacker. I’d just read one of his autobiographies and was surprised that despite all...
Read More

Why Businesses Should Not Trust Remote Wipe or Kill Switch Commands

Fri, 10/23/2015 - 11:17 by Neil Farquharson
I’m becoming increasingly concerned that businesses are relying on the remote wipe instruction to protect their data. Articles like this one from CNET talk about the new Californian law that implements kill-switch functionality on smartphones, while a multitude of articles such as this one from the New York Times espouse remote wipe functionality. However, as I explained in April , these solutions are way off base and do not truly protect company data. Let me explain. The reason for the kill-switch is to deny the thief the future use of the stolen phone. This makes perfect sense to the...
Read More

Zix’s Hacker Series Continues: David Kennedy on Mobile Devices

Thu, 10/22/2015 - 11:15 by Neil Farquharson
Regular readers may remember this blog referring to the ease with which hackers can intercept emails being transmitted over unprotected fiber optic cables. I’m now pleased to share with you that David Kennedy, the renowned security expert, has agreed to be interviewed during a live Webinar scheduled for November 11 th at 2 p.m. ET. During the interview, I will ask David for his views on the current security levels of mobile devices such as smartphones and tablets. Just how easy is it to compromise mobile devices remotely, or while in the physical possession of hackers? Can operating...
Read More


Switching to Zix Just Got Better

50 percent or more off your first year when you switch to Zix Email Encryption by Feb. 28, 2017, from an eligible competing solution.

Learn More