Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/22/2009
02:29 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

WireHead, Media Sourcery Offer PKI Service To Infosec Island

IslandPKI Web-based service to provide secure, easy-to-use browser-to-browser messaging and file transfer capabilities

RALEIGH, NC " September 21, 2009 " WireHead SecurityTM and Media Sourcery today announced a strategic partnership under which WireHead is delivering a first-of-a-kind security service to its new Infosec IslandTM community for IT and information security professionals. The new service, called IslandPKITM is the first public Web-based service to provide secure, easy-to-use browser-to-browser messaging and file transfer capabilities. IslandPKI is built on proven technology from Media Sourcery, currently in use at major healthcare and other organizations providing secure business-to-business solutions.

Using this technology provides the IslandPKI architecture with the highest level of security available for confidential and privileged business or personal communications. Infosec Island is the first secure infosec community featuring not only SSL-based security, but additional options for enhanced security for its members, such as IslandPKI.

As the first premium service available on Infosec Island, IslandPKI takes the complexity out of using public key infrastructure (PKI) encryption technology, providing an easy-to-use solution for encrypting sensitive employee, health or financial records and documents to share them safely via the Web.

IslandPKI is available on the Infosec Island site starting today to anyone who registers for a free membership. There is a 60-day free trial available to all Island members, after which members may subscribe for a low, flat fee of $25 per month/per user for this unique service. Site licensing options will be available to any organization with 100 or more registered members of Infosec Island.

IslandPKI was developed for Infosec Island by WireHead Security and Media Sourcery, makers of the AppMobilizer and PortalMobilizer security solutions. The underlying PKI technology is based on the PortalMobilizer solution from Austin, TX-based Media Sourcery, and is licensed by WireHead Security and adapted for Infosec Island.

For small- to medium-sized businesses, healthcare providers and facilities and other organizations that routinely handle confidential records and data, IslandPKI transforms PKI-level security into a practical option for the first time. IslandPKI makes it easy, quick and simple for IT/security pros to help non-technical users within their organizations to safely and securely share these records and documents. It is highly suitable for any industry that deal with regulatory compliance, such as healthcare, law, law enforcement, banking, government, insurance and financial services.

"We have been providing solutions for organizations in the healthcare field, as our technologies are designed from the ground up with HIPAA compliance in mind, plus simplicity," noted Larry Ketchersid, chairman and CEO of Media Sourcery. "IslandPKI is an ideal way to utilize our proven solutions to give the Infosec Island community an easy way to securely share any type of document or file containing confidential personal data or privileged business communications. We're very pleased to partner with WireHead and Infosec Island on this innovative Web-based service. The IslandPKI approach is simply not available on any other infosec portal or online community."

"IslandPKI brings Infosec Island members a number of unique benefits that enhance their organization's security," said Michael Menefee, president of Infosec Island publisher WireHead Security. "It can protect any document containing an individual's Social Security Number or other sensitive data, the loss of which could result in identity theft or fraud. It's so easy to use that any employee can use the service—not just technical experts highly-trained in PKI. That's the genius behind Media Sourcery's technology, and that's why we're so pleased to partner with them to deliver IslandPKI to our members."

IslandPKI offers the following functionality to Infosec Island members:

  • Lightweight, secure, browser-based communications via public key infrastructure;
  • Enables direct, highly-secure member-to-member communications including messaging within the Infosec Island site as well as file transfers; -- PKI, session encryption, encrypted local keystore, secure handshake, private key challenge/response, unique digital signature, and parcel payload verification; and, -- Planned enhancements for early 2010 include support for secure messaging and file transfer with a number of popular mobile devices plus a first-time authentication process for communicating with non-members of the Island.

    About Infosec Island Infosec Island is a new type of online community designed specifically for IT professionals who manage security, risk and compliance. Unlike other infosec portals, it combines the benefits of IT security portals and social networking into a single, vendor-neutral community. Infosec Island members improve their organization's security, save time and reduce their costs by taking advantage of a unique set of benefits, including infosec news and information, built-in social networking capabilities, relevant content based on personalized organizational views, free security tools and premium Web-based security services. Infosec Island is the first secure infosec community featuring not only SSL-based security, but additional options for higher security levels. Membership is free.

    Developed by professional services firm WireHead Security (www.wireheadsecurity.com), Infosec Island focuses on several industry sectors, including higher education, K-12, government, banking and insurance, healthcare, manufacturing, scientific research and other SMB enterprises. Based in Raleigh, NC, WireHead Security enables its clients to reduce their business risks by remediating dangerous and costly information security weaknesses. The company delivers high-quality security solutions and consulting services that help organizations combat threats and institute policies and procedures to safeguard their security. WireHead Security LLC is privately held and was founded in January 2009. More information can be found on the Web at http://www.infosecisland.com. You can follow Infosec Island on Twitter at http://twitter.com/InfosecIsland, or follow Mike Menefee's blog at http://www.hackyourself.net.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    News
    Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
    Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
    Edge-DRsplash-10-edge-articles
    Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
    Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
    News
    Cybercrime Groups More Prolific, Focus on Healthcare in 2020
    Robert Lemos, Contributing Writer,  2/22/2021
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win an Amazon Gift Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    Building the SOC of the Future
    Building the SOC of the Future
    Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2021-27132
    PUBLISHED: 2021-02-27
    SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
    CVE-2021-25284
    PUBLISHED: 2021-02-27
    An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
    CVE-2021-3144
    PUBLISHED: 2021-02-27
    In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
    CVE-2021-3148
    PUBLISHED: 2021-02-27
    An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
    CVE-2021-3151
    PUBLISHED: 2021-02-27
    i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...