Still Using Weak Encryption Software

By   ISBuzz Team
Writer , Information Security Buzz | Oct 20, 2015 10:00 pm PST

More than six months since The Register reported that Virgin Media had failed to move away from weak encryption software used on sensitive areas of its website – the ISP is yet to hit the upgrade button. Tim Erlin, director of security and product Management at Tripwire have the following comments on it.

[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :

“It’s in everyone’s best interest, except for cybercriminals, to use the strongest encryption feasible when communicating with a website. The problem lies in the fact that ‘strongest’ is ephemeral, and what passes muster today falls to attackers tomorrow.

Anyone who operates a high volume website shouldn’t just upgrade their encryption protocol support to the latest and greatest. They should put in place a strategy for continuous updates. This encryption arms race isn’t going to end.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]Tripwire logoTripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]