As a cyber risk leader, with all the NSA snooping going on, you need to know which service providers are protecting your data as it scoots around the Internet.
Good news! The Electronic Frontier Foundation (EFF) has published a useful infographic to help you figure out where you stand. Note:
- Double-check missing and planned items with your service providers.
- Currently, only 8 of the providers offer all five encryption strategies recommended by the EFF.
- Companies that have firm plans with dates have been awarded a green box.
- There are quite a few notes at the bottom that you should look at.
- AT&T, Comcast, and Verizon have implemented none of the strategies. Is there some industry reason?
(Click the graphic below to enlarge.)
Here are short definitions and links for each strategy:
- Encrypts data center links — Protects data transfers over the Internet between data centers, usually with SSL/TLS.
- Supports HTTPS — Good ol’ fashioned SSL/TLS.
- HTTPS Strict — A way for servers to require capable web browsers to use Forward Secrecy (an important, but obscure technical protection).
- STARTTLS — A way to encrypt email.
The EFF published their infographic as part of an article. They’ve updated it many times already.
Did anything you see in the infographic make you want to switch providers? Which ones?