We could hardly believe it when the news broke 3 January 2018 that modern processors have design flaws that might be utilized by attackers to break the security of passwords and other sensitive data.
The flaws allow for attacks categorised as Meltdown and Spectre.
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets.
At the time Meltdown and Spectre became known to the public, most hardware and operating system manufacturers already had released patches for their products.
Security in the cloud
Securing internal systems
To secure our internal systems and devices, Dynaplan applies the latest updates from the vendors to reduce the risk of breaches. We recommend our customers and followers to always stay up-to-date when it comes to system updates.
Increase security with encryption
Encryption gives an extra layer of security against current and future vulnerabilities and security threats. Shared Smia models are always encrypted when stored and transferred. This means that attackers will not be able to open models that are obtained by hacking servers or tapping communication channels. To reach the highest level of protection, also for models that are not stored in the Dynaplan cloud, we recommend that all models containing sensitive information are encrypted. The easiest way to do this, is to use Smia’s built-in key encryption feature.