LOCKBOX SFT Version 1.4 goes live tonight

September 11, 2010 – 10:20 am

We have a planned upgrade tonight at 10:00 pm (PST) to bring the production servers up to the latest and greats bits: Version 1.4.  This release took longer to implement and test, but it was definitely worth the extra effort.  The top features requested and improvements in this release include:

  • Auto-complete for customers who you send data to securely often
  • Protected package names while stored in the cloud
  • Protected package file names while stored in the cloud
  • Improved package contents load time
  • Custom secure package notification messages

As with all our releases and the fact that LOCKBOX SFT is a fully managed product, our customers don’t have to lift a finger to upgrade their LOCKBOX SFT deployments to this new version.  Alright cross your fingers, LOCKBOX SFT version 1.4 is going live tonight!

–Kevin

LOCKBOX SFT, the easiest to use and most secure file transfer service: http://www.golockbox.com

By Kevin Lam | Posted in News | Leave a Comment

The LOCKBOX public Web site is launched!

August 18, 2010 – 5:48 pm

Our public Web site (www.golockbox.com) is finally launched!  We’ve got a solid service, a bunch of great users, and a payment system that works … and now the real hard work begins :).

–Kevin

By Kevin Lam | Posted in News | Leave a Comment

LOCKBOX Version 1.3 is released

August 16, 2010 – 5:16 pm

I am happy to announce that LOCKBOX version 1.3 was deployed recently to the production servers.

The version 1.3 update includes several improvements to performance, user experience and security. Thanks to all our customers whose generous feedback thus far has helped us to greatly improve our products from one release to the next.  Please email support@golockbox.com if you encounter any issues with your account.  Thanks again,

–Kevin

LOCKBOX, the easiest to use and most secure file transfer service: http://www.golockbox.com

By Kevin Lam | Posted in News | Leave a Comment

LOCKBOX Version 1.3 is going live 08/08/10!

August 7, 2010 – 12:40 am

Improvements, improvements, improvements — all thanks to great feedback from our current users.  Please note that LOCKBOX v1.3 is scheduled to go live this Sunday from 10:00 pm – midnight, so the service will be down for upgrades during this window.

–Kevin

By Kevin Lam | Posted in Blog | Leave a Comment

How to Protect Your Customer’s Data: Securely Wiping Data on Your Windows PC

August 3, 2010 – 6:42 pm

I read an article that was forwarded to me several weeks ago about an insurance executive who left one company for another and was attempting to “hide his work from a rival company” by throwing his laptop into a pond.  The original article can be found here: http://fpn.advisen.com/fpnHomepagep.shtml?resource_id=124171879598845892#top

Now you might not be an insurance executive who needs to hide your work from a rival, but there may be times where you need to securely remove your customer’s data from an old or de-commissioned system.  For example:

  • You are donating your old PC to charity;
  • You upgrading your old system with a new hard drive; or
  • You are throwing away an outdated PC.

Whatever the case, you need to help ensure that your customer’s data stays out of the hands of your competition and/or malicious computer hackers. In this article I’ll show you how to do this on a Windows-based system (and, no the answer is not throw your PC into a pond).

Note: If you are not familiar with running system commands, no problem. I still recommend that you read through this article just to understand what’s going on and forward this article to your IT specialist when you actually do need to securely delete data.

Why Simple File Deleting is Not Enough

Our company gets hired by financial institutions and other organizations to professionally break into (or “hack”) their computer systems and perform what’s called a “penetration test”.  Our objective is to show the management of those companies different ways a malicious computer hacker might be able to gain access to their systems, critical data and more importantly how to fix it. One way to achieve this objective is what is called “dumpster diving” and that’s where we literally go outside a business’s premises and try to recover computer systems that may be thrown away in a dumpster or put out for recycling pick-up. Our hope is that we find a computer system where the previous owner simply deleted the files on that computer, assuming that it would sufficient to keep those files from being recovered.  Trust me, it’s not.

This is the same on any computer system (Mac, PC, Linux or otherwise), but when you delete a file or a folder, the actual data is not really removed from the hard disk in the way you would think. Instead, the space on the disk where that file or folder resides is what’s called “de-allocated”.  De-allocating a file or folder simply tells your system “hey we aren’t using this space anymore” but the old data there isn’t technically deleted.  Until the system actually writes another file on the spot where the old data was, that old data even though it’s been marked as “deleted” or  ”de-allocated” can be recovered by using what’s called low-level disk editing or data recovery software.

This is what corporate spies and other malicious computer hackers are counting on and one of the ways they are able to gain access to some of their competition’s sensitive data.  How do you help prevent this from happening to you?  Read on.

How to Properly Wipe Your Windows PC/Laptop: Using Microsoft Windows Cipher.exe

Starting with Windows XP and higher, all Microsoft Windows operating systems come with a handy utility called cipher.exe.  This tool is typically used for managing file encryption features on Windows systems, but it comes with a very useful option and that is the ability to overwrite data that has been deleted so that it cannot be easily recovered.  The way cipher.exe works is that it will write a series of zeros over any de-allocated file space, and then a series of ones and then finally a series of completely random data, which should be sufficient to prevent that de-allocated data from being recovered.

Let’s pretend you have a folder named “C:\MyData” on your old system that contains all your customer data.  You’ve already transferred it to the new system, verified that the copy was successful and want to permanently remove it from the old system. Here’s what you do:

  1. On the old system delete the files in C:\MyData as you normally would.
  2. Close any running applications.
  3. Click Start, click Run and type cmd followed by pressing the Enter key.
  4. Type cipher.exe /w:c:\MyData and this press the Enter key.  This will instruct the cipher.exe tool to begin overwriting the de-allocating space that maps to c:\MyData so that de-allocated data is no longer recoverable.
  5. (Optional) If you want to make sure all de-allocated space is overwritten on a drive, then you’ll want to change the command to cipher.exe /w:c:\ which will overwrite all the de-allocated space on c:\.  Repeat this for any other drives you may want to wipe de-allocated space on.
  6. (Optional) For extra security, after you’re completely done with the old system and ready to get rid of it, you could also take your Windows installation disk and re-install Windows or any other operating system over the old operating system, making sure to remove old partitions and formatting all new partitions.

Note: The cipher.exe utility will take a long time to run.  This is because it’s going through your entire disk, byte-by-byte, overwriting de-allocated space and doing it multiple times.  My recommendation is to run cipher.exe and then go out to lunch or coffee and let it run while you’re gone. Given the choice between letting your customer’s data fall into the wrong hands and then having to explaining to them how/why/when you lost their data, or having to wait an hour or two, I’d say the wait is well worth it wouldn’t you?

Conclusion

Simply deleting files on a computer system will not sufficiently prevent those files, such as your customer’s data, from being recovered by corporate spies, malicious hackers or other nefarious users. On Windows systems, starting with XP and higher, the cipher.exe utility can be used to overwrite de-allocated file space and prevent any residual data on that de-allocated space from being recovered by low-level disk editors and recovery software.

Thanks, I hope you found this article useful.

–Kevin

By Kevin Lam | Posted in Articles | Leave a Comment

LOCKBOX Version 1.2 is going live tonight!

July 22, 2010 – 3:00 pm

Tonight from 11:00 pm to 1:00 am we are scheduled to take down the production servers and upgrade them to the new Release 1.2 bits. This one is exciting from a development and quality perspective because it includes:

  • Several of performance improvements
  • New administrator panel features
  • A new reporting component for sender accounts to track account activity

We love hearing from our users, so log into your accounts after the upgrade and let us know what you think (or if you run into any issues) at support@golockbox.com.  Enjoy,

–Kevin

By Kevin Lam | Posted in Blog | Leave a Comment

LOCKBOX Version 1.1 is going live tonight!

July 14, 2010 – 5:23 pm

After several weeks of hard work and long hours into the morning, LOCKBOX v1.1 is scheduled to go live later tonight.  This release features:

  • An easier and cleaner interface for both users and domain administrators
  • Several performance upgrades.
  • Enhancements to our proprietary account protection scheme.
  • A subscription and payment component which will allow public users to sign up for LOCKBOX.

If you did not get the email that was sent earlier this week, the LOCKBOX service will be down for this upgrade starting at 11:00 pm (07/14/2010, Pacific Time) and coming back online at the latest 1:00 am.

As a final note, I want to say thanks to all our beta testers who provided some tremendous feedback. As the primary developer of LOCKBOX, it gives me so much satisfaction to see how LOCKBOX has evolved from where it was months ago (an ok-to-good service)  to the great service it is today, and I know that it could not have been possible without our beta testers — so my deepest thanks to those folks!

–Kevin

By Kevin Lam | Posted in Blog | Leave a Comment

LOCKBOX Version 1.0 is released

June 25, 2010 – 9:20 pm

It’s been a long and exciting couple of months, but after getting tons of feedback from our set of great beta testers, implementing their suggestions and improving the overall quality of LOCKBOX, I am happy to announce that version 1.0 of the service has gone live!  We’re cleaning up our public Web site at www.golockbox.com as well and getting ready for the final launch so more exciting news to come.

–Kevin

By Kevin Lam | Posted in News | Leave a Comment

The LOCKBOX security research and development team gets recognized in April 2010 by Microsoft Corporation

May 26, 2010 – 9:34 pm

Microsoft recently acknowledge the LOCKBOX research and development team (the same folks over at Impacta) for their security research work and helping Microsoft Corporation keep their online customers safe from malicious hacker attacks and other online threats.

Check out Microsoft’s security researcher acknowledgement page for more information.

–Kevin

By Kevin Lam | Posted in News | Leave a Comment

LOCKBOX Beta 1.2 is released

May 25, 2010 – 4:54 pm

I am proud to announce that Beta 1.2 of our LOCKBOX platform has been released this past weekend.  It includes numerous code fixes that help better protect your sensitive data and improve reliability.  If you haven’t signed up for your beta account yet (or activated yours), do it soon!

–Kevin

By Kevin Lam | Posted in Blog | Leave a Comment
Follow

Get every new post delivered to your Inbox.