Security

Two-Factor Authentication Scams: What You Need to Know

Recently I came across an article relating to a Two-Factor Authentication Scam. I passed on this information to our employees here at SmartVault and we believe this information should be passed on to you, our customers, as well as your clients. What is a Two-Factor Authentication Scam? Well, first off, let me explain Two-Factor authentication. …

CONTINUE

The Danger of Sharing Login Credentials

SmartVault is built on the idea that every employee user will have his or her own license – so like most software applications, it’s a violation of our terms of service to share login credentials. But more importantly, when you use someone else’s login credentials, you are creating a false audit trail and eliminating any …

CONTINUE

SmartVault – Incident Update

Yesterday, SmartVault experienced a degradation in performance that caused some customers to experience slower than normal response times when using the SmartVault service. The degradation in performance primarily affected the Connected Desktop and Dashboard, and caused customers using these features to experience very slow response times. Customers could still access files through the SmartVault Drive …

CONTINUE

Good Password Hygiene is Essential to Reducing Risk

Google reported yesterday that several lists claiming to contain user credentials (usernames and passwords) were ‘dumped’ on the web. Google reported that less than 2% of the username and password combinations might have worked and that their automated anti-highjacking systems would have blocked many of those login attempts. They have also required users of the …

CONTINUE

SmartVault Not Vulnerable to Heartbleed

The SmartVault team has performed an analysis of our service and determined we are not vulnerable to the HeartBleed Bug (CVE-2014-0160) in OpenSSL. SmartVault always recommends you use a unique password for each web application. If you have used a password with the SmartVault service that you also use with a service that is vulnerable …

CONTINUE

Think Before You Sync

Five Key Strategies for Maintaining Centralized Control of Your Files Syncing files from a local computer or device to the cloud is a common business practice in today’s mobile-driven world—as common as the Internet, specialty coffee, the App Store, and all the other day-to-day “Can’t-Live-Withouts.” But is sync really the most prudent way to manage …

CONTINUE

Breaking Up (with Bad Habits) is Hard to Do

What Dental Floss, Yoga, and Secure File Sharing all Have in Common Last night I stumbled across one of my favorite quotes from the late, great standup comic Mitch Hedberg, in which he compares the pain of quitting smoking to the agony of trying to start flossing.

CONTINUE

Why I’m Calling for Better Privacy Laws for Email and Online Document Storage

What You Need to Know about ECPA Privacy laws in the United States regarding emails and online document storage are very archaic. Currently, the Electronics Communication Privacy Act (ECPA) designates that email stored for longer than 180 days is not protected communication. Therefore, access to archived email requires only a subpoena rather than a warrant. …

CONTINUE

Improve your security

Firefox plugin (alpha for Chrome) from EFF that automatically redirects to HTTPS (encrypted) connections for many websites. If you use Firefox and are concerned about browser security a good plugin to have. Read more about it here in this Wired Article. HTTPS 3.0

CONTINUE

Password Tip #5: Policy

I’ve been giving you tips to help improve how you handle passwords — the keys to online access. The next step as a business owner, is to develop a password policy. The purpose of policy is to inform your employees (and potentially clients) of their expected behavior. If an employee writes down a password and …

CONTINUE