More than six months since The Register reported that Virgin Media had failed to move away from weak encryption software used on sensitive areas of its website – the ISP is yet to hit the upgrade button. Tim Erlin, director of security and product Management at Tripwire have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :
“It’s in everyone’s best interest, except for cybercriminals, to use the strongest encryption feasible when communicating with a website. The problem lies in the fact that ‘strongest’ is ephemeral, and what passes muster today falls to attackers tomorrow.
Anyone who operates a high volume website shouldn’t just upgrade their encryption protocol support to the latest and greatest. They should put in place a strategy for continuous updates. This encryption arms race isn’t going to end.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.