How data safes can protect against malware infected personal computers

A recent article in a German IT magazine outlined a new SWAT-style police force that is being setup to deal with the growing problem of decontaminating infected home PCs (http://www.chip.de/bildergalerie/Jetzt-am-Kiosk-Die-neue-CHIP-02_2010-Galerie_28238527.html?show=2). The article brings to light how serious the issue of individual PC owners being unable to keep their computers clean and safe.

The article goes on to suggest that there is an exceptionally high percentage of computers infected with malware viruses.  Malware are used as vehicles for organised Internet crime to locate interesting data on personal computers and send it back to specific servers. Although you could argue that all data on a personal computer should be encrypted to protect against such attacks, this protection is not really effective because with most disk encryption products such as Microsoft’s Bitlocker or Apple’s Filevault access to the documents is already enabled from the moment that a user logs in.

The most recent cases of “man in the browser” attacks against eBanking services found malware sitting in the browser and manipulating the data that was being interchanged between the customer and the bank.  There is an extreme security solution to this problem that requires you to reboot your PC with a clean operating system and then run a clean browser from a specially prepared USB stick.  That will guarantee that you have a clean computing environment. 

However, the simplest and most reliable solution to the problem of computer contamination is to protect your most important data by storing it in an online data safe located in a high-security data centre. Your data is then not  only protected against potential malware threats to your computer but also against unintentional deletion, hard-disk crashes or even against force-majeur risks such as fire and water damage. This may also be a more welcome solution than having to hand your computer over to a police task force! 

We’ve noticed an increase in people contacting us for solutions to  eliminate malware attacks. If you would like more information or to talk to us about your own data security concerns, email us at: support@datainherit.com. 

To find out more about our online data safe, please visit: www.datainherit.com or start a free trial at: https://www.datainherit.com/apps/trial.html#

Finding a service provider you can trust

A week ago we looked into the reasons that make a cloud service provider trustworthy                                                         (http://datainherit.wordpress.com/2009/11/23/when-can-you-trust-saas-or-a-cloud-service-provider/). Now we are going to take a look at the steps that your service provider should take in their quest to become a trustworthy service provider. We have been through them all in our development of DataInherit and have outlined below what we believe are the minimum requirements you should expect from your service provider.

Service availability and performance:

Firstly, you need a service provider that does not outsource their operations as the third party may have different priorities when it comes to the security your data. Then, it is important to ensure that the data-centres where your information is being stored are security certified. Hopefully your service provider will be boasting about this on their homepage so the information should be easy to verify. In our case, our servers conform to the exacting standards of the Swiss banking commission. All the servers and services that you use to access DataInherit are redundant and designed for the highest availability for our customers. This is an important element if you want to be able to access your data anywhere in the world and at any time. Also, our servers are setup in a high-performance and high-scalability cluster with state of the art load-balancing.  Availability monitoring should come from different angles of the world and should be implemented with internal means as well as by a leading third-party service monitoring company.  This should be a minimum requirement for your service providers.

Privacy:

It’s true that not all service providers will be able to boast a long standing tradition of privacy and security. Obviously, we achieve that automatically with a service designed and developed under some of the strictest privacy protection laws in the world. Although this gives our customers an increased level of security it is imperative that you check carefully your service provider’s privacy policy before signing up. This document should be easily accessible from the website. For an example of what you should expect in terms of privacy, you can view our privacy policy here: http://www.datainherit.com/en/privacy.html.

Access and Confidentiality:

Can my service provider access my data? This is a question that people don’t always consider when choosing a service provider as it is perhaps assumed that they can’t. However, if your provider can reset your password on demand then there is a potential risk that this will enable them to also access your account. To ensure maximum security for your data, and to remain 100% anonymous, your service provider should not be able to assist you in gaining access to your account. Unfortunately, this puts a greater onus on customers to safeguard their login information but it is the only guaranteed way to ensure the highest level of security for stored data.

Customer Service:

Lastly, you need to ensure that your provider has a good customer service and can be contacted with any queries or problems you may have 24 hours a day, 7 days a week. This is the backbone of any company that takes their role as a service provider and the needs of their customers seriously. At DataInherit our policy is to answer our customers queries within one hour. Our advice would also be to trial any service you are considering using to test these levels of usability and service before choosing the right service for you.

Tobias Christen CTO, DataInherit

P.S. For a full definition of trustworthiness in Computer you may find this exert from Wikipedia of interest: http://en.wikipedia.org/wiki/Trustworthy_Computing

To find out more visit: www.datainherit.com or start a free trial at: https://www.datainherit.com/apps/trial.html#

When can you trust SaaS or a Cloud Service Provider?

Service providers that offer “Software as a Service (SaaS)” (or other services e.g. storage) are often referred to as cloud-based service providers. The term “cloud” stems from historical technical drawings where the internet is represented by a cloud. A service that is offered in the internet is therefore described as a service in the cloud.

The problem with service providers in the cloud is that you can not meet them personally (like the computer retailer around the corner), and hence you have the feeling that there is no basis for establishing a trusting relationship because you can’t judge them on a first impression basis.

So the basic question we need to ask is what should a cloud service provider do to earn your trust (i.e. to be deemed trustworthy)? Depending on the qualities that you expect from the service provider, he should offer many or all of the following:

• great customer service including: fast reaction time, useful answers and a generous offering
• a service that is available when you need it
• a service that is fast and easy to use
• the service provider needs to respect your privacy
• the service provider needs to respect the confidentiality of the data that you give him.

Customer service
How can you find out about the level of customer service? Unfortunately, you usually don’t find out how good a provider’s customer service is until you have a problem. For some services the discussion boards on the internet can be a useful place to obtain some idea of their customer service record.

Service availability and performance
Often you can test-drive a service for a certain period of time. This is a great way to find out whether a service is fast, easy to use and whether it meets your requirements.

Privacy
A service provider should only save the minimum of personal data and never pass this information on to any party not directly involved in providing the service to you.
You can find out how much data the service provider asks from the registration form. Each service provider also needs to provide you with a “Privacy statement” where the details of which data is collected and for what purpose should be clearly stated.

Confidentiality
This is the most difficult point because every service provider claims that they provide a secure service. However, to provide real confidentiality for your data, the service provider should encrypt all data and you should be the only person that has access to your data. Strictly speaking, as long as the service provider can reset your password (on demand), there is no guaranteed confidentiality.

There are a lot of service providers operating in the cloud and it can be daunting to find the right one for you.  Hopefully our short guide has given you some pointers for ensuring that whichever provider you choose, you are sure that their service is 100% safe and secure.

For example, we have designed and built our service, www.datainherit.com, to be the leading service provider offering maximum privacy and confidentiality. Read our blog next week to find out what measures we took to be classified as a trustworthy service provider.

Tobias Christen
CTO, DataInherit

To find out more visit: www.datainherit.com or start a free trial at: https://www.datainherit.com/apps/trial.html#

Winner of our October raffle is from Sweden!

We would like to thank everyone who participated in our user feedback survey last month. October’s winning entry came from a user in Sweden.  Congratulations and we hope that you enjoy your $100 Amazon vouchers!

If you would like to enter our November draw, simply trial our service for free and then complete our very short questionnaire at: www.datainherit.com.

Regards

The DataInherit Team

Interview with Adobe

Adobe interviews DataInherit CTO and others involved in the development of our internet service: http://adobeadvocates.credref.com/?p=24d72

A real experience to learn from

It is true that we don’t like discussing our own mortality or planning ahead for the inevitable.  However, that attitude is exactly what brought one of our customers to us and, thanks to her agreement, we would like to share her email with you on our blog so that others may avoid the situation that she was placed in a couple of month’s ago. 

Dear DataInherit

I am writing to you as I feel it would be beneficial for you to know my story and to pass this on to your customers following my husband Mark’s sudden death a couple of month’s ago at the age of 42 – a situation that turned my life upside down to say the least.

Mark was the typical man of the house.  He was responsible for paying the bills, upgrading services when necessary and storing our important documents with an online service provider.  I was kept pretty much in the dark about the specific details and that was fine by me. Obviously when he passed away I realised that my ignorance was no longer bliss and that in fact it had created an enormous amount of problems and irreparable damage. 

For example, I knew that Mark stored our documents with an online provider and although I found the name of the company and tried to contact them to get access to our information they said that this was only possible with the password and username – something that I didn’t have.  They talked about encryption and so on but it still didn’t change the fact that I will never be able to see what was stored here or retrieve the information.  This is something that still leaves a sour taste in my mouth.

Sure, I was able to retrieve some things by other means such as our lawyers etc, but things that have gone with Mark include our PayPal account details; frequent flyer account details and the useful spreadsheet with all the passwords I would need to access these and more.

The online data storage site did its job 100% so I decided to continue with storing information online, but, for obvious reasons did not wish to stay with the company Mark had used.  Then I found your service and it was amazing that you combined the two things that I was looking for: data storage and the security that these items could be passed on to my children in the event of my death.

I hope that by sharing my experience with others that people can be spared the pain that I have experienced over the last few months of not only losing the man that I love, but also items that also cannot be replaced.

Yours sincerely

Joanne
Ireland

We thank Joanne for sharing her story with us and offer our sincerest condolences to her and her family. 

If you would like to find out more about our service, please visit: www.datainherit.com.

DSwiss Appoints Head of Business Development

The Swiss bank for digital assets, DSwiss, announced today the appointment of Christian Schwarzer into the newly created position of Head of Business Development.

Christian, who has been consulting for the Company since March 2009, brings a wealth of knowledge and expertise to the role gained from his previous positions with IT-consulting firm AWK Group; technology company, Intel, and Ericsson, the world’s largest telecommunications supplier. He will be responsible for overseeing the Company’s partner and channel program as well as managing customer-specific datasafe projects.

Andreas Jacob, Managing Partner at DSwiss, said: “Christian has an impressive track record for developing and implementing business strategies for large corporations as well as small start-up operations. Since joining our Company as a consultant he has been instrumental in the launch of DSwiss Datasafe Solutions to our institutional clients.”

“I am delighted to be taking on this role at DSwiss and look forward to the opportunities and challenges of developing partnerships and launching new products based on the Company’s knowhow in the area of ultra-secure Internet services and long-term custody of important digital data,” added Christian Schwarzer.

DSwiss are the Company behind the high security data storage Internet service with a built-in data inheritance feature www.datainherit.com.  The site provides a repository for important digital assets with the option to assign beneficiaries to items to ensure their accessibility by family and loved ones in the event of death or incapacity.
-ends-

About DSwiss
DSwiss is a Swiss bank for information assets that offers customers and partners around the world ultra-secure Internet services and long-term custody of important digital data through our online service, www.datainherit.com.

DSwiss is an independent corporation with headquarters in Zurich, Switzerland. For further information, please go to www.dswiss.com. 

Media Contacts

Victoria Tayler
Victoria Tayler Communications
e: contact@victoriatayler.com
t: +41 79 4301915

Andreas Jacob
Director of Customer Service and Business Partner Relations
e: andreas.jacob@dswiss.com
t: +41 44 515 11 11

Swiss Companies Capitalize on the DataSafe Trend

DSwiss, the Swiss bank for digital assets and leading independent technology and consultancy firm, Zühlke Switzerland (Zühlke), announced today that they have formed an alliance to provide their technology for data protection,  DSwiss DataSafe Technology, to the world’s leading financial institutions, insurance companies and the health sector.  

Following the success of the consumer Internet data safe, DataInherit (www.datainherit.com), which was designed and developed by the two companies, DSwiss and Zühlke are making the technology, DSwiss DataSafe Technology, available to other interested companies who wish to offer an online data safe to their customers. 

Internet data-safes are web-based solutions that enable users to store documents, data and passwords in a safe and secure manner, which they can access anytime, anywhere.  They have become an important tool in ensuring confidential and private communication between companies and their customers as well as reducing operational costs.  The Internet data-safe solutions from DSwiss and Zühlke give client access to a proven, cost-effective technology that they can brand, customise and launch before their customers start looking elsewhere for a solution provider to store their digital assets.

Lukas von Känel, Managing Partner at DSwiss explains: “Companies that share and exchange important data and information with their customers face the challenge of how to guarantee the confidentiality and security of this information, whilst continuing to offer a simple and convenient service. There is a growing need for companies to go paperless to protect the privacy of their customers and our technology, DSwiss DataSafe Technology, provides them with a market-proven product that is ready to go.”

Walter Hürsch, Partner at Zühlke added: “Our solution was two years in the making and was developed by a team of highly regarded software engineers with expertise in the area of Internet banking and security.  We can therefore guarantee that our clients get access to cutting-edge technology.  Internet data safes help to provide a unique value proposition to a company’s current offering by simplifying and securing the electronic interaction with their customers.”

DSwiss DataSafe Technology has obtained the highest security standards in both development and infrastructure. The solution has a streamlined architecture which provides low risk and comes with the added protection of a 2-factor authentication option and fully guaranteed encryption. The prioritization of the technology’s protective mechanisms is based on the recommendations of the National Institute of Standardization (NIST 800-54, 800-18) and also those of OWASP. The integrated digital escrow system can also be used for various scenarios of conditional access such as data hand-over in emergency situations.

-ends-

About DSwiss
DSwiss is a Swiss bank for information assets. DSwiss offers customers and partners around the world ultra-secure Internet services and long-term custody of important digital data through our online service, www.datainherit.com.

DSwiss is an independent corporation with headquarters in Zurich, Switzerland. For further information, please go to www.dswiss.com.

About Zühlke Engineering AG
Zühlke is a leading independent technology and consultancy company focussed on providing bespoke software solutions and product innovation. We advise, develop and integrate to efficiently deliver solutions of the highest quality. Zühlke enables its clients to successfully implement their ideas with processes, products and services that set new standards in reliability and performance. Over the past 40 years we have built an enviable track record and are now an internationally renowned solutions provider with development centres in Austria, Germany, Switzerland and the United Kingdom. Zühlke is a medium sized financially sound business employing around 330 staff who has generated revenues in excess of CHF 71 Million in 2008.
Media Contacts

Victoria Tayler
Victoria Tayler Communications
e: contact@victoriatayler.com
t: +41 79 4301915

Lukas von Känel
Head of Finance and Strategy
e: lukas.vonkaenel@dswiss.com
t: +41 44 515 11 11

Zühlke Engineering AG
Daniela Reinhard
e: daniela.reinhard@zuehlke.com
t +41 44 733 6611

Do you have an Executor for your Digital Assets?

In today’s busy world where we are producing more and more digital data, how can we ensure that our data doesn’t follow us to the grave? 

The first step is to find a hosted solution for your data storage.  Yes, this might not be your first choice as you instinctively want to keep control of your own assets without giving them to a third party.  However, the problem with this is that the biggest threat to your digital data is more often than not you, the data owner. Yes that’s right, the most common security risk to your data is through unintentional deletion or editing mistakes or PC drive failure. 

The second step, if you want to ensure that your data is protected but can then be accessed by family, loved ones and business partners when you are gone, is to deposit your data assets with a storage facility that also offers an inheritance feature.

Online data storage sites have been around for a while now but the ability to assign beneficiaries or emergency contacts to your data is a new and innovative concept.  This service ensures that your data is safe and can be passed on to family, loved ones in the event of death or incapacity.  It can also be used for emergency situations eg, if you become stuck in an unforeseen travel strike and can’t get back for that important meeting and your pitch documents are in your secure online data safe.  In these instances your predetermined emergency/inheritance plan is activated.

At DataInherit we call your online executor an “Authorized Activator”.  We recommend that you choose a friend, relative or legal representative that can be trusted to claim conditional access to your data similar to the executor you have nominated in your Will. Typically the activator should be neutral and have nothing to gain from accessing your data.  This person will be given pre-arranged authority to release your data under emergency circumstances or in the event of your death.  It is also possible to have more than one Authorized Activator for your account.

It is, however, important that a solution provider protects the privacy of your data before conditional access is activated.  This means that the solution provider has to guarantee that a) there is no parallel path allowing access to your data with the authorized activators credentials, and b) that the owner is notified of conditional access, combined with a safety delay period, to intervene should abuse be detected.

Your Authorized Activator will receive a ‘DataInherit Activation Code’ instruction which they will use to activate the handover process of your data to the designated beneficiaries. When the Authorized Activator enters the code into the corresponding webpage, the safety delay period will begin. During this period DataInherit will try to contact you to ensure that the claim being made is valid. Once the safety delay period has expired the beneficiaries of your account will receive the data assigned to them in a secure and confidential manner.

The subject of data storage and inheritancy has become a hot topic over recent months due to the growing number of examples of where problems could have been solved if people had put in place safeguards for their digital data.  For peace of mind it may be time to take the plunge and look at storing your most precious memories somewhere a bit safer than the ticking bomb that is your home PC and ensuring that they can be passed on to the people that matter in the future.

To find out more visit: www.datainherit.com or start a free trial at: https://www.datainherit.com/apps/trial.html#

7 Reasons why you should choose DataInherit

1. Never lose important data again

Let DataInherit protect and safeguard all of your important data so that you can relax knowing that your most precious digital assets are completely safe and secure, no matter what. 

2. Safety and Accessibility

Protect and preserve your digital assets including work and intellectual property whilst still having access to from anywhere and at any time.

3. Swiss-based data-safe

With DataInherit your important data is stored in one of our unique data-safes at our Switzerland-based data banking centre. This provides a safer and more confidential place to keep your data than on your own PC.

4. Pass it on

You can ensure that your useful and important data is passed on to your family, partners and friends etc, in the even that something happens to you. 

5. Make provisions for your family

Provide peace of mind by making provisions and arrangements for your family that you know will be carried out by DataInherit exactly as you requested.

6. Safeguard your financial assets

Access to online accounts and assets is of great value, so you should ensure that these passwords are safe and secure.  All you need remember one password, your DataInherit data safe password, and have access to your other passwords through our system.

7. There’s more to life

You never know what will happen tomorrow including force majeure or death. With DataInherit you have the reassurance that you are prepared for the future.

To find out more visit: www.datainherit.com or start a free trial at: https://www.datainherit.com/apps/trial.html#