LOGO
 

Secure Communications

There are two principal ways to protect communications data: encrypt individual packets of information as they pass through a transmission medium or provide an encrypted tunnel through which data can freely pass.

Confidentiality

An encryption algorithm provides a means to keep information secure. Systems typically use a combination of standard symmetric (same key) and asymmetric (public - private key) algorithms within an overall cryptographic protocol.

Authentication

Digital signatures are cryptographic algorithms that enable verification of the identity of received information. This is useful both for controlling access to systems and resources as well as providing proof of the originator of transmitted data.

We develop and maintain high security communication systems for the benefit of our clients and their customers.

Resilient and secure management of cryptographic keys is a crucial part of any system.

Integrity

Digital signatures and message authentication codes provide a means to check the integrity of data received or retrieved. This ensure the data is genuine and hasn't been manipulated in transit.

Non-repudiation

For legal compliance it is often necessary to prevent deniability, especially in the context of sending a message. Cryptographic signatures provide a means of demonstrating who must have transmitted or created signed data.

Cryptography for Data Protection Compliance

Businesses and organisations need to use appropriate technical and procedural security mechanisms to comply with data protection legislation such as the GDPR and UK DPA 2018.

A common misconception is to assume email provides a secure end-to-end communications channel whereas email typically passes unencrypted through multiple mail servers before reaching its destination.

Personal data should be protected when stored and transmitted and this can be achieved through the use of secure file transfer services in place of email.

Legacy Systems

Many of our customers have old systems that they no longer know how to maintain or support.

Maybe you've got a Unix server in your IT room and your staff are all trained in modern web technologies.

A legacy system may run old versions of Windows, Linux or Unix, or perhaps comprise dedicated hardware running embedded software.

Regardless of the type of system there are essentially three options you can take: support, maintain or replace.

Support

Providing operational support for a legacy system is something that will inevitably have to occur, at least in the short term, regardless of the ultimate plan.

If this is critical system, the most pressing issue is probably mitigating against catastrophic failure. Ideally, you'd want a backup system ready to take over but this might not be possible to commission if hardware has become obsolete. Virtualisation can sometimes provide a solution where hardware cannot be obtained.

Security isolation is another important consideration as modern internet security software will prove ineffective and most likely won't even run on the old platform.

Maintenance

If you intend to keep the system running, you may need to make modifications to it. Software source code may require the use a compiler which won't run on any modern machine. This means you'll either need to build the code on the target or, more safely, on spare hardware. Again, virtualisation may help replicate an appropriate build environment.

Replacement

There will always come a point in time where a system costs more to maintain than it does to replace. An off-the-shelf replacement will usually be cheapest but you may need to customise a new system or even build something bespoke to meet your needs.