Security News

Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption. FHE enables the processing of encrypted data without providing access to the actual data.

Google this week announced the introduction of client-side encryption in Google Workspace, which is meant to provide users with control over the encryption keys used to keep their data safe. Organizations that store sensitive or regulated data will benefit the most from the new feature, which helps them meet compliance requirements for CJIS, EAR, IRS 1075, ITAR, and TISAX. Client-side encryption works with key access service partners Flowcrypt, Futurex, Thales, and Virtru, which will be responsible for holding the key to decode Google Workspace data.

Google Workspace has been updated with client-side encryption and new Google Drive phishing and malware content protection. Enabling Client-side encryption for a document will only allow you and your partner who holds the key to access the contents of the encrypted Google Workspace files.

Back in October, a call by spy agencies to weaken end-to-end encryption "Because of the children" provoked a bit of analysis on how many times UK Home Secretaries had banged the same drum. Finally, because we must Think Of The Children, we can skip back into the distant days of last month, when the German police closed down the world's biggest paedophile picture palace, despite it being on what the world calls the Big Scary Darknet and what we know as the internet but with extra relays.

Google on Monday announced that it's rolling out client-side encryption to Google Workspace, thereby giving its enterprise customers direct control of encryption keys and the identity service they choose to access those keys. The development coincides with the Google Workspace and Google Chat's broader availability to all users with a Google account.

Qrypt announced a web portal that provides access to a quantum cryptography API. This will allow most businesses to integrate the highest level of security into their applications, according to the company. The company's Cloud Entropy Portal provides quantum-safe random numbers for any application, especially cryptographic key generation.

Security and IT professionals in the Middle East are demonstrating a rising desire to secure critical applications and data, driving higher encryption adoption for newer use cases like containers and IoT platforms, as well as for email and private cloud infrastructures. Encryption adoption for private cloud infrastructure is up.

Microsoft Teams is getting better security and privacy next month with the addition of end-to-end encrypted 1:1 voice calls. While Microsoft Teams already encrypts data at rest and in transit, it allows administrators to configure automatic recording and transcription of voice calls.

32% of organizations have seen an increase in device encryption in the past year, according to a Vanson Bourne survey. 31 percent noted that their organization now requires all data to be encrypted as standard, whether it's at rest or in transit, and 24 percent require the encryption of all data when it's being stored on their systems or in the cloud.

Mozilla Thunderbird spent the last couple of months saving some users' OpenPGP keys in plain text - but that's now been patched, the author of both the bug and the patch fixing it has told The Register. The vulnerability, assessed as "Low" impact by Mozilla, existed in the free open source Thunderbird email client between version 78.8.1 and version 78.10.1 after a crestfallen maintainer realised carefully designed protections were in fact not protecting users' private OpenPGP keys.