Categories
Industry Insights IT Solutions Managed IT Services

Gmail is back from Easter outages

This past weekend, Google Gmail users faced downtime due to an issue with SSL security certificates.

Gmail users were shown a large amount of error messages and safety warnings as Google’s SSL certificate for the service expired without being renewed.

What is a SSL Certificates?

A SSL Certificates is a file that digitally binds a cryptographic key to an organizations. When the SSL certificate is installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections.  SSL certificates are used to secure credit card transactions, data transfer and logins and now even social media sites.

What was the Gmail SSL certificate issue?

On April 4th, when Gmail users tried to send email, it would result in an error. Google has admitted that the problem affected a majority of Gmail users and that the issue was caused by “smtp.gmail.com” security certificate appearing as invalid.

The issue was caused by a simple mistake. Google had forgotten to renew the security certificate for Gmail. The error primarily affected people using Gmail in email client programs and apps such as Microsoft Outlook, OS X Mail or Windows Live Mail, alongside Google’s own Gmail app.

How does the Gmail SSL certificate issue affect your business?

Many companies do not realize it but they each have their own SSL security certificates for multiple services including if you have an internal email server. It is very important that such certificates get renewed in a timely manner to reduce downtime or other IT technical issues.

365 iT SOLUTIONS offers industry leading IT services including Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment by 365itSolutions.com

Categories
Industry Insights IT Solutions Managed IT Services

FREAK’ encryption flaw compromises Windows

All active versions of Microsoft Windows are vulnerable to FREAK encryption flaw that leaves systems vulnerable to having their electronic communications intercepted.

IT security experts originally thought that Safari and Android were the only ones vulnerable to this flaw however Microsoft warned that the encryption including Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are also vulnerable. Microsoft has investigated and verified that the vulnerability could allow an attacker to exploit this vulnerability.

Industry researchers have stated that there was no evidence hackers had exploited.  A new security advisory released by Microsoft stated that all supported versions of Windows including its Server products are vulnerable to FREAK attacks.

FREAK attacks by downgrading the cipher suites used in Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections.

The FREAK vulnerability is linked to the US government’s ban on exports of software featuring strong encryption in the early 1990s, where only 512-bit RSA keys were allowed for export. Of more than 14 million websites scanned for the FREAK, over 36 percent of them were found to be vulnerable.

How do you protect yourself from “Freak” encryption flaw?

Simple. Windows users can obtain March’s Patch Tuesday slate, including the FREAK fix, via the Windows Update service, as well as through the enterprise-oriented WSUS (Windows Server Update Services).

365 iT SOLUTIONS is a leading managed services provider (MSP) in Toronto delivering a wide variety of industry leading IT consulting services including Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment 

Categories
Industry Insights IT Solutions Managed IT Services

FREAK’ encryption flaw compromises Windows

All active versions of Microsoft Windows are vulnerable to FREAK encryption flaw that leaves systems vulnerable to having their electronic communications intercepted.

IT security experts originally thought that Safari and Android were the only ones vulnerable to this flaw however Microsoft warned that the encryption including Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are also vulnerable. Microsoft has investigated and verified that the vulnerability could allow an attacker to exploit this vulnerability.

Industry researchers have stated that there was no evidence hackers had exploited.  A new security advisory released by Microsoft stated that all supported versions of Windows including its Server products are vulnerable to FREAK attacks.

FREAK attacks by downgrading the cipher suites used in Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections.

The FREAK vulnerability is linked to the US government’s ban on exports of software featuring strong encryption in the early 1990s, where only 512-bit RSA keys were allowed for export. Of more than 14 million websites scanned for the FREAK, over 36 percent of them were found to be vulnerable.

How do you protect yourself from “Freak” encryption flaw?

Simple. Windows users can obtain March’s Patch Tuesday slate, including the FREAK fix, via the Windows Update service, as well as through the enterprise-oriented WSUS (Windows Server Update Services).

365 iT SOLUTIONS is a leading managed services provider (MSP) in Toronto delivering a wide variety of industry leading IT consulting services including Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment