The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. This policy is subject to change at any time. The owner is not an attorney, and nothing posted on this site should be construed as legal advice. Litigation Support Tip of the Night does not provide confirmation that any e-discovery technique or conduct is compliant with legal, regulatory, contractual or ethical requirements.
You can find out if a web account you access with a particular mail address has been compromised by going to, https://haveibeenpwned.com/ . This site has a large database of more than a billion hacked accounts. Pwn is simply a slang term for hack. This is a good, simple way to show attorneys that you're serious about data security.
When engaging an electronic discovery vendor make sure that they provide an adequate level of data security for encrypted data transferred over a network, by checking to see if they are validated under FIPS 140-2. Federal Information Processing Standard 140-2 is a standard set up for the National Institute of Standards and Technology (NIST) on Security Requirements for Cryptographic Modules. The validation process involves evaluation by an independent laboratory and review of the lab's report by a joint U.S. / Canadian body named the Cryptographic Module Validation Program. Be sure to distinguish between vendors that claim to be FIPS 140-2 compliant and those which have FIPS 140-2 validation. A FIPS 140-2 compliant organization will merely be using a cryptographic module of another business which obtained FIPS 140-2 validation.
FIPS 140-2 validation involves a review in 11 different areas:
An organization will receive a grade from 1 to 4 in each of these areas and an overall score, with 4 indicating the highest level of security.
Cryptographic Module Specification
Cryptographic Module Ports and Interfaces
Roles, Services and Authentication
Finite State Model
Physical Security
Operational Environment
Cryptographic Key Management
Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC)
Self Tests
Design Assurance
Mitigation of Other Attacks
RSA (Rivest Shamir Adelman) SecureID two factor authentication is a method for providing a user with access to a network developed by a division of EMC. The user receives a token or dongle that generates a six digit number every 60 seconds. The number is created from an algorithm and a seed record which is a 128 bit number. The random number generated by the token may also be delivered to a user via email or text message. The user has to both enter the randomly generated six digit number and a password to gain access to network, during the time period the random is displayed on the token.
Some systems used to allow a user to enter a special PIN in the event they were forced to access a network. Use of the special PIN would deactivate the account.
Most RSA devices are configured so that a server can recognize not only the number currently displayed by the token but also one generated by the token either one minute before or one minute after. If 'token drift' occurs - the device malfunctions and generates the a number too slowly, a receiving server should be able to detect this and adjust for it. If user enters a number displayed within 10 minutes of the current time, he or she may be challenged by the server to enter a second token number, that which is displayed immediately after the challenge is received.
Some RSA tokens will have a USB connection in order to store a certificate.