Often, we find people are familiar with “technology terms” they’ve heard in discussion or read about, or they may even have exposure to some complex technology at work. Yet when it comes down to fully understanding the nitty-gritty of that technology, they often admit that theirs is but a working knowledge. We think that’s fair enough because everyone has been in that situation before – nothing to be ashamed of.

FINRA is requiring that all members use 256-bit AES encryption on their data if they use portable storage devices such as CD, DVD or flash drives. Now, you probably don’t want the scientific description of the 256-bit AES algorithm but if you did, there are plenty of articles all over the Internet that can explain the nuts and bolts.

What we think people want to know is… “Just gimme the high-level overview”, so we will:

In today’s complex world and even more complex communicating environments, the need for protecting information takes on added importance and significance.

The NSA, which is our government’s National Security Agency, conducted a review and analysis of AES encryption to satisfy Information Assurance (IA) requirements associated with the protection of national security information. Their findings were…

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths.

So basically FINRA is mandating that their members use encryption that at one time was the same encryption applied to TOP SECRET documents. No doubt NSA has upgraded their encryption standards as available facts about security over the Internet have been well established and data protection has only improved over the years. Still, it’s good to know that FINRA is setting a standard for protecting customer records and suggesting a responsible level of encryption.

Imagine this: line up 256 numbers in a row…

123456781234567812345678123456781234567812345678

123456781234567812345678123456781234567812345678

123456781234567812345678123456781234567812345678

123456781234567812345678123456781234567812345678

123456781234567812345678123456781234567812345678

1234567812345678

Now that you see 256 numbers in a row, imagine all the different variations it would take to “unlock the combination”.

To put it simply, breaking 256-bit encryption becomes a formidable task, and a successful attack is therefore less probable.

At Filetwin, we’ve been using 256-bit encryption levels, which are computationally infeasible to crack. Our security architecture was specifically designed to provide corporate customers with the ability to transmit mission-critical data over the Internet while also providing them with the necessary assurance that no one could decrypt their data.

  Copyright secured by Digiprove © 2010

FINRA’s Letter of Undertaking – The Contents

We thought we’d make it easy to find the content for the 3rd Party Letter since we wrote about it in our last article. If you need the text for your own purposes, please feel free to cut and paste it out of this blog post.

Keep in mind that the letter needs to be a formal letter and we’d suggest some customization along with a few edits that personalize it to your respective examining authority.

The undersigned hereby undertakes to furnish promptly to the U.S. Securities and Exchange Commission (“Commission”), its designees or representatives, any self-regulatory organization of which it is a member, or any State securities regulator having jurisdiction over the member, broker or dealer, upon reasonable request, such information as deemed necessary by the staffs of the Commission, any self-regulatory organization of which it is a member, or any State securities regulator having jurisdiction over the member, broker or dealer to download information kept on the broker’s or dealer’s electronic storage media to any medium acceptable under Rule 17a-4.

Furthermore, the undersigned hereby undertakes to take reasonable steps to provide access to information contained on the broker’s or dealer’s electronic storage media, including, as appropriate, arrangements for the downloading of any record required to be maintained and preserved by the broker or dealer pursuant to Rules 17a-3 and 17a-4 under the Securities Exchange Act of 1934 in a format acceptable to the staffs of the Commission, any self-regulatory organization of which it is a member, or any State securities regulator having jurisdiction over the member, broker or dealer. Such arrangements will provide specifically that in the event of a failure on the part of a broker or dealer to download the record into a readable format and after reasonable notice to the broker or dealer, upon being provided with the appropriate electronic storage medium, the undersigned will undertake to do so, as the Commission’s staff or its designee may request.

Remember, if you’d prefer to speak directly with one of our Backup Advisors, please feel free to contact us at 1 877 310-2884.
