HighSide Blog

Your source for insights on the secure collaboration, data security, compliance and access control markets.

Cryptography & Cybersecurity [3 Minute Video] HighSide CSO dishes on “Dark Halo”, The First Global Microsoft 365 Breach Listen to HighSide CSO Aaron Turner give a 3 minute “deep-dive” on the Dark Halo attack, detailing how adversaries exploited vulnerabilities in Microsoft Teams to gain access to sensitive, proprietary and regulated data.

HighSide Staff • 1 min read

Cryptography & Cybersecurity Why can’t I use SFTP for secure file transfer? With most businesses still adapting to the new normal of remote and decentralized work, we wanted to take a quick look at two of the tools / techniques some businesses have dusted the cobwebs off of to share data with their employees and partners around the world – FTP, SFTP, and FTPS.

HighSide Staff • 4 min read

Compliance Understanding & Meeting UK MOD’s DEFCON 658 Regulatory Framework Like CMMC in the United States [https://highside.io/blog/people-process-technology-understanding-what-cmmc-means-for-your-organization/] , The UK Ministry of Defence’s (MOD) DEFCON 658 [https://www.gov.uk/government/publications/defence-condition-658-cyber-flow-down] is a cybersecurity regulatory framework that applies to any organisation doing business with the MOD. The goal of DEFCON 658 is to protect

Evan Blair • 2 min read

Compliance People, Process & Technology: Understanding What CMMC Means For Your Organization In Monty Python and the Holy Grail, Sir Lancelot charges guards at a castle’s gates, but abnormally. There is repeated footage of a distant charging Sir Lancelot alternated in with footage of the peaceful guards. Each time the camera cuts back to Sir Lancelot, he is charging from the

Evan Blair • 4 min read

Engineering HighSide’s Distributed Private Root of Trust Cryptography Explained Last updated 1/13/21 This is a technical overview of how HighSide’s encrypted messaging & file sharing works for those who are interested in specifics. You do not need to read or understand any of this to use HighSide correctly unless you are the admin for your team

Jonathan Warren • 11 min read

Cryptography & Cybersecurity The State of in-Security in Collaboration & Cloud File Sharing Applications Data security, privacy and access integrity has never been more at risk. In this post we’re going to talk about how the communication, file sharing and file storage layers have become a huge security vulnerability for organizations of all sizes, why, and what you can do about it. Your

Brendan Diaz • 16 min read

Cryptography & Cybersecurity HighSide CSO Aaron Turner dishes on Zoom and the (in)security of modern business technology on the RSA Conference Podcast TikTok and Huawei are probably two of the most notable Chinese technology companies that are enveloped in policy debates. The US government’s most recent actions against TikTok could be an indication of future actions that could be taken against Chinese technology companies. Join us for the important discussion about

Evan Blair • 1 min read

News O365 Security: You Get What You Pay For…. US Treasury & Commerce Hacks Expose Microsoft It was made aware to the public via media reporting that a group of sophisticated attackers had gained unauthorized access to internal US Treasury and Commerce Department systems [https://www.theguardian.com/technology/2020/dec/13/us-treasury-hacked-group-backed-by-foreign-government-report] . Now, we don’t have the full technical details of how these compromises

Aaron Turner • 5 min read

Compliance COVID-19: How Your Organization Can Stay Compliant & Secure While Working From Home According to the World Health Organization, COVID-19 is now officially a pandemic [https://www.npr.org/sections/goatsandsoda/2020/03/11/814474930/coronavirus-covid-19-is-now-officially-a-pandemic-who-says?t=1584016069908] . The impact of COVID-19 struck close to home for me this week as at least two attendees at the annual RSA Conference fell ill to

Aaron Turner • 5 min read

Cryptography & Cybersecurity What The Bezos Phone Hack Means For Business Executives This article was originally published on Silicon Luxembourg [https://www.siliconluxembourg.lu/what-the-bezos-phone-hack-means-for-business-executives-in-luxembourg-and-worldwide/] on Feb. 4th, 2020 For the last several months, many of us in the mobile technology security community have heard rumors about Jeff Bezos’ iPhone. Not that he had access to a special new model or something

Aaron Turner • 4 min read