Businesswire | July 18, 2023
The world’s efforts to secure digital communications from the threat posed by quantum computers took a significant leap forward today as a new standard for quantum-safe Virtual Private Networks (VPN) was ratified by the Internet Engineering Task Force (IETF).
The new protocol has already been used by Banque de France and Deutsche Bundesbank to secure payments messages, paving the way for full adoption by the Bank for International Settlements to secure communications between the world’s central banks.
‘Harvest Now Decrypt Later’ (HNDL) attacks currently represent the greatest quantum cybersecurity threat. These attacks see hostile actors steal encrypted data now which can be decrypted once a sufficiently mature quantum computer comes online. The new US Quantum Computing Cybersecurity Preparedness Act states that the HNDL risk presents the highest threat to humankind and stipulates that quantum migration must start now. Deploying a VPN based on new post quantum cryptography is the easiest way to protect data-in-transit from such attacks.
The new IETF standard specifies how VPNs can exchange communications securely in the quantum age. The novel approach prioritises interoperability by making it possible for multiple post-quantum and classical encryption algorithms to be incorporated into VPNs. Combining both old and new encryption is essential to ensure no disruption to the functioning of existing IT systems, and to protect data from attack by both classical and quantum computers.
This is a particularly important milestone for internet connectivity and security as we are transitioning from an era where the world relied upon just one or two algorithms (RSA and Elliptic Curve), to a situation where different nation states are deploying a wide variety of different post-quantum algorithms. This new IETF standard is the glue that allows parties using different public key encryption algorithms to talk with one another.
The new IETF standard was proposed and designed by Post-Quantum, a British cyber security company that’s built a portfolio of market-ready quantum-safe cyber security products. Post-Quantum’s own Hybrid PQ VPN uses the new IETF standard and is already in use by NATO to secure its communications from quantum attack, supporting interoperable communications between NATO members.
CJ Tjhai, CTO, Post-Quantum and original author of the new IETF standard said: “I’d like to thank all the technologists that collaborated with us on this IETF standard. Much of the focus has been on NIST’s new post quantum encryption algorithms themselves, but this is insufficient unless you have a protocol that defines how the connectivity is done. The easiest way to prevent Harvest Now Decrypt Later attacks is to deploy a PQ VPN based on the new IETF standard. NIST’s new algorithms are only useful if we have agreed standards for their use and mature products that can accommodate them.”
Andersen Cheng, Executive Chairman, Post-Quantum added: “CJ and his collaborators have completed important work that makes it possible for tech companies to build quantum-safe VPNs that communicate to one another. We are entering a period where different countries are now recommending different encryption algorithms, so engineering our communications infrastructure to be interoperable and backward compatible is absolutely crucial. That’s the value our own VPN is bringing to organisations like NATO, a diverse member organisation with a variety of post-quantum algorithms in use.
“In the commercial sector, we are pleased that Banque de France and Deutsche Bundesbank have also recently completed their project in transmitting payment messages using our protocol, which will pave the way for the Bank for International Settlements to build a complete chain of trust for central bank applications to counter any HNDL risks they already face today.”
José María Lucía Moreno, Lead Partner, EY Wavespace and a Post-Quantum partner added: “Our agreement with Post-Quantum is an important step in helping EY and its clients to become quantum-safe. We’re increasingly consulting with our clients to identify where they use traditional encryption that will need to be upgraded, and to help them prepare for the quantum era. Post-Quantum’s approach is particularly interesting because they have modular software-based products like the VPN, which can be implemented together, or as standalones within existing environments, to offer protection today.”
The IETF is the non-profit organisation with responsibility for developing the standards that define how the internet is built and used. Now that the IETF has ratified this work, VPN providers will adapt their protocols to match it, making this a defining standard for the future of cybersecurity as the world transitions from classical to new post-quantum encryption. Ratification represents the culmination of work dating back to 2017 when Post-Quantum took the lead in creating the original proposal for this standard.
Post-Quantum is upgrading the world to next-generation encryption. Our quantum-safe platform includes modular software for Identity, Transmission and Encryption that protect organisations across their entire digital footprint. Products are interoperable, backward compatible and crypto-agile - ensuring a smooth transition to the next generation of encryption.
Post-Quantum works with organisations in defence, critical national infrastructure and financial services, including a multi-year relationship with NATO to ensure its communications are secure against quantum attack.
Virtual Desktop Tools, Desktop
Globenewswire | July 03, 2023
Docker, Inc.® today revealed its latest efforts to improve the scope and performance of the Docker Desktop with the acquisition of Mutagen, a renowned company celebrated for its open-source file synchronization and networking technologies that enable high-performance remote development. Mutagen's synchronization and forwarding capabilities facilitate the seamless transfer of code, binary artifacts, and network requests between arbitrary locations, connecting local and remote development environments. When combined with Docker's widely-used container technologies, developers can unlock a plethora of innovative opportunities and accelerate development velocity through local and remote containerized development.
“Docker is more than a container tool, it comprises multiple developer tools that have become the industry standard for self-service developer platforms, empowering teams to be more efficient, secure, and collaborative," said Docker CEO Scott Johnston. “Bringing Mutagen into the Docker family is another example of how we continuously evolve our offering to meet the needs of developers with a product that works seamlessly and improves the way developers work.”
The acquisition of Mutagen introduces novel mechanisms for developers to extract the highest level of performance from their local hardware, while simultaneously opening the gateway to the newest remote development solutions. With the growing number of developers, businesses, and enterprises relying on Docker, the company is driven to continually scale and enhance the capabilities of Docker Desktop. In addition to Mutagen, the company has recently introduced new offerings that are compelling to every developer. For simplified local Kubernetes development there is Telepresence for Docker, and Docker Scout is an early access tool that offers efficient image monitoring with a layer-by-layer view of image dependencies, vulnerabilities, and remediation paths.
"There are so many captivating integration and experimentation opportunities that were previously inaccessible as a third-party offering," explained Jacob Howard, Mutagen’s CEO. "As Mutagen's lead developer and a Docker Captain, my ultimate goal has always been to enhance the development experience for Docker users. As an integral part of Docker's technology landscape, Mutagen is now in a privileged position to achieve that goal."
Docker helps millions of developers efficiently and collaboratively build, share and run applications. The Docker collaborative application development platform provides developers with an unmatched experience for an integrated, reliable, and secure workflow that accelerates app delivery from code to the cloud. Through a combination of the world’s largest marketplace of trusted content and integrations with leading tools, Docker allows teams to rapidly create modern applications. For more information, visit www.docker.com
Backup and Disaster Recovery
businesswire | September 12, 2023
GRAX, Inc., a leading innovator in Salesforce data management and protection, announces the general availability of GRAX Lite for free Salesforce backup and recovery. GRAX Lite is a game-changing free solution that enables businesses to prevent data loss by safeguarding their Salesforce data.
GRAX Lite addresses a critical need in the SaaS data protection market by offering comprehensive free backup software. In an era marked by escalating cyber threats and stringent compliance regulations, GRAX Lite arms businesses with a powerful tool to shield their vital Salesforce data. Built on the principle of data ownership, GRAX Lite gives Salesforce users the power to take back that ownership and control of their valuable Salesforce data with a couple of clicks.
"At GRAX, we have always believed that data protection is an unassailable right," said Joe Gaska, Head of Product at GRAX. "With the launch of GRAX Lite, we are breaking down barriers and providing businesses with the tools they need to secure their mission-critical Salesforce data so that they can focus on growing their business."
Key capabilities of GRAX Lite for Salesforce Backup and Recovery
Effortless Backup and Recovery: GRAX Lite simplifies the backup process allowing users to protect and easily restore their Salesforce data with just a couple of clicks.
100% Data Ownership: GRAX Lite empowers users to retain full ownership of their data by enabling backups into the customer-owned storage service – Amazon Web Services (AWS) or Azure cloud storage environments.
Maintain Your Digital Chain of Custody: With GRAX, users retain full control over their data’s Digital Chain of Custody – GRAX runs entirely in the customer-owned cloud.
Unlimited backup storage: GRAX Lite enables users to capture all of their data into their cloud of choice, where users can leverage their existing cloud agreements.
Daily Automated Backups: Users gain peace of mind with automated incremental backups of Salesforce data, including files and attachments, ensuring no critical information is lost.
Granular Control: Swiftly restore individual records, making it simple to bring back data quickly when you need it.
User-Friendly Interface: The user-centric design of GRAX ensures that any user can navigate and deploy free Salesforce data protection from the GRAX Platform with ease.
GRAX Lite is a testament to GRAX's commitment to data sovereignty and data governance. By providing a free and user-friendly solution for Salesforce backup and recovery, GRAX Lite empowers organizations to take back ownership of their data assets, create a comprehensive backup strategy, and focus on driving business growth.
GRAX helps organizations adapt faster by making it easier to get strategic value out of their historical SaaS application data. Customers can fully own, access, and reuse all versions of their cloud application data anywhere, anytime by simply backing up or archiving it to their own cloud environment and seamlessly pushing it into their data ecosystem. GRAX delivers unparalleled SaaS data backup, archive, recovery, and reuse functionality in a fully integrated solution, helping leading organizations improve business continuity, regulatory compliance, customer retention, and revenue growth.
Globenewswire | July 06, 2023
Climb Channel Solutions, an international specialty technology distributor and wholly owned subsidiary of Climb Global Solutions, Inc. (NASDAQ: CLMB) has announced a new partnership with SaaS security provider, AppOmni.
With AppOmni, Climb now offers universal security across all SaaS applications with centralized visibility and data access management. This critical addition to Climb's repertoire enables resellers to round out their security solutions, strengthen their customers’ overall security posture, mitigate risks, and ensure compliance with industry regulations.
“AppOmni is radically advancing the way businesses implement common security capabilities across their entire SaaS ecosystem. Our technology enables businesses to establish rules for data access, data sharing, and third-party applications that are continuously and automatically validated,” noted Donald Shake, Director, Channels North America at AppOmni. “Organizations from technology, healthcare, government, and finance are eager to deploy AppOmni to protect data across all of their SaaS applications. Through our partnership with Climb, more channel partners and customers can benefit from AppOmni’s comprehensive security model and the team’s security and technical expertise.”
Limited-to-zero visibility into the configuration and state of SaaS applications is a major threat for every business. As Gartner forecasts worldwide SaaS spending will reach $195 billion by the end of 2023, the opportunity for solution and technology leaders to protect their clients’ SaaS data with advanced security tooling and expert insights powered by AppOmni is soaring. AppOmni makes it easy for security and IT teams to secure their SaaS data during new implementations and in environments currently operating with SaaS.
"Climb is always on the lookout for top notch security solutions for our resellers," says Dale Foster, CEO at Climb Channel Solutions. "Adding AppOmni to our transacting vendors list not only provides cutting-edge security solutions for our valued resellers, but this collaboration opens doors for our resellers to tap into the growing demand for compliance, robust security, and visibility sought by IT and security teams."
About Climb Channel Solutions and Climb Global Solutions
Climb Channel Solutions is a global specialty IT distributor for emerging technology vendors with solutions for Security, Data Management, Connectivity, Storage & HCI, Virtualization & Cloud and Software & ALM. Climb provides vendors access to thousands of VARs, MSPs, CSPs and other resellers. Climb holds an IT-70 GSA contract vehicle that provides resellers and vendors with a competitive edge within the Public Sector. Climb is a wholly owned subsidiary of Climb Global Solutions, Inc.