Data Protection & Cybersecurity
Oracle Cloud added a region in Zurich in August 2019 providing IaaS and PaaS services to public cloud customers who want to host their data in Switzerland. Some of the reasons that Oracle cited for opening their third European region in Switzerland were “neutrality, legal certainty, political stability and security.”
Minio is an on-premises object storage server that can be deployed as a Minio cluster (with local storage) or as a gateway to other object storage services with their own API such as Backblaze B2, Azure Blob Storage, and Google Cloud Storage. Because Minio exposes a S3 compatible endpoint, virtually any application that supports the AWS SDK can be integrated with it. According to Minio, half of the Fortune 500 have deployed Minio for storage, including for cloud-native workloads such as Kubernetes.
When most people think about the dark web, they think it’s a sketchy place where the ne’er-do-wells of the Internet gather. Despite its negative connotations to the less informed, the dark web made up of Tor hidden services has legitimate purposes. What is a Tor hidden service? It is a web server listening on the Tor network at an .onion address instead of a standard domain name like .com or .org. All of the traffic to and from a hidden service are end-to-end encrypted through Tor relays – without the need for an SSL certificate.
Cloud-based object storage is one of the most cost-effective ways to achieve large quantities of scalable storage for a NextCloud instance. Thanks to NextCloud’s support for using an S3 (compatible) primary storage backend, this option is available from small businesses to enterprises of all sizes.
The NextCry strain of ransomware has made the headlines for infiltrating some improperly configured NextCloud servers, leaving many organizations asking, “Is NextCloud still secure to store my critical data?” The answer to that question is unequivocally, “yes.”
ProtonMail is the most well known encrypted email service in Switzerland, and perhaps the world. It began as a crowdfunded project initiated by a team of researchers at CERN, growing into the full-fledged email service it is today. Like we mentioned earlier, we love ProtonMail and their contribution to the browser-based encryption library, OpenPGP.js. What fewer people know though is that it’s possible to host your own email server in Switzerland – and use OpenPGP and/or S/MIME to exchange encrypted email.
Linux Unified Key Setup (LUKS) is a specification for disk encryption across Linux distributions. It relies on dm-crypt, a kernel module that uses the passphrase selected by the user to encrypt and decrypt data on-the-fly on a LUKS volume, and make the filesystem mountable from a virtual device-mapper block device. The cryptsetup utility is used to create and manage LUKS volumes.
Last week, Docker Inc’s reorganization where it sold its Docker Enterprise business to Mirantis, and received $35 million in fresh VC funding to focus on developer tooling shook the container and virtualization industry. Loyal users of Docker Swarm, the orchestration solution pushed by the company that kicked off the container revolution, are picking up the pieces and asking about the future of SwarmKit, the open source project behind Swarm.
Two factor authentication, or 2FA for short, is a standard security practice that most web-based services that rely on user logins have adopted to reduce the risks arising from password reuse and data breaches across the Internet. Mautic doesn’t have a 2FA feature out of the box, but using either SAML/SSO integration or a Google Authenticator plugin, you can beef up the security of the Mautic dashboard with device-based two factor authentication.
Did you know that you can host your own email server with Mailcow and use the same OpenPGP.js libraries maintained by ProtonMail to exchange emails securely using PGP encryption? We are huge fans of ProtonMail, and we even use it for our company email, but some organizations simply require a self-hosted email server that they can host on their custom architected infrastructure.
Without encryption, plain text email messages can be easily intercepted and tampered with in-transit. Modern email servers, especially major webmail providers such as Gmail or Outlook.com, do typically exchange emails over SSL/TLS connections, reducing the likelihood of tampering, but this does not equate to zero-knowledge, end-to-end encryption. An email provider could be compelled by the authorities to decrypt and hand over the messages, either during the transmission process or when they land in a users’ inbox.
Only with open source marketing automation & web analytics platforms, such as Mautic and Matomo, do you have the opportunity to choose the geographical location of the data center where to host your infrastructure. Switzerland is located in close proximity to major Western and Central European markets with top-tier telecom infrastructure, making it an ideal place to host any web application with low latency for a European audience.
Post-IBM acquisition Red Hat has crippled Docker on the inaugural release of CentOS 8, in a bid to force users to switch to podman (Pod Manager), the container engine backed by the company. Although the supporters of Podman argue that podman’s daemonless and rootless design make it more lightweight & secure than the Docker daemon, Podman has no orchestration features other than the ability to generate kubectl configuration files, which makes it a non-starter for Docker Compose and Swarm users.