Successfully reported this slideshow.

Secure webforms from ANON::form

0

Share

Loading in …3
×
1 of 11
1 of 11

Secure webforms from ANON::form

0

Share

Download to read offline

ANON::form offers a complete solution for secure web contact and other forms sent as e-mail. ANON::form meet all existing requirements for not only security, but also anonymity and privacy.

ANON::form offers a complete solution for secure web contact and other forms sent as e-mail. ANON::form meet all existing requirements for not only security, but also anonymity and privacy.

More Related Content

Related Books

Free with a 14 day trial from Scribd

See all

Related Audiobooks

Free with a 14 day trial from Scribd

See all

Secure webforms from ANON::form

  1. 1. ANON::form when privacy is important “We believe in a world with a free flow of data and information, with freedom of expression without retaliation and with respect for human rights.” anonform.com #privacy #gdpr #cybersecurity #infosec (The ANON::form Team)
  2. 2. ANON::form the short story… ANON::form offers a complete solution for secure web contact and other forms sent as e-mail. ANON::form meet all existing requirements for not only security, but also anonymity and privacy. Such as:  Registration forms for whistleblowers (important!)  News tip forms for journalists  Contact forms for lawyers  Sickness leave and similar forms for employees  Business lead and contact forms  Order forms without a backend system  and all other kind of forms where privacy matters… Do not leave your contact forms to be the forgotten weakest link in your cyber security! Get in touch! anonform.com #privacy #gdpr #cybersecurity #infosec
  3. 3. Who should have the right, or even the opportunity, to read your communication? The obvious answer should be; I who send and you who receive the message! In reality, it does not work that way at all. In fact, there are quite a few who have access to your digital communications; everything from the staff who take care of the systems that handle your messages, to cybercriminals who break in or steal on the road, to authorities who, under various pretexts, request access. And when a message is sent, data is created and saved in various cache, intermediate storage, logs, metadata, etc. In some cases, your message can be saved complete with not only the content in clear text, but also info about sender, recipient, time and a lot of other sensitive data, in a forgotten server log. This is, of cause, also true for all web forms who use e-mail as transport layer and end up in some user mailbox. This is important to consider, not only in matters of GDPR or other regulations, but also in terms of profiling or economic and industrial espionage. Web forms sent by e-mail are still the most common type of contact form, but also the most overlooked when it comes to security and privacy. Interesting? Read more here… anonform.com #privacy #gdpr #cybersecurity #infosec
  4. 4. It can be stated that the security and anonymity of e- mails is still downright lousy. The absolute majority of sent e-mails are completely unprotected. I the beginning, all e-mail traffic was sent and stored in clear text. Modern e-mail systems of today encrypt the transfer and run at secure servers. But all messages are still sent and stored as clear text. Some major e-mail systems do encrypt messages, but only when stored. Providers claim and sell these systems as "Secure E-mail“. But be aware; all messages are still accessable by the system and the system personnel. anonform.com #privacy #gdpr #cybersecurity #infosec
  5. 5. True secure e-mail communication require End-to- End Encryption (E2EE). Anonymous communication require no logs, no caches, no cookies, no tracking. In true End-to-End Encryption, encryption occurs at the device level. That is, every message or file is encrypted before it leaves the phone or computer and isn't decrypted until it reaches its destination. But be aware that all communication still generate a lot of metadata about sender, receicver, timestamps, device, place etc stored in logs, cache, cookies and tempfiles. Metadata can be used for tracking, profiling and even revealing a sender who must be anonymous. Interesting? Read more here… anonform.com #privacy #gdpr #cybersecurity #infosec
  6. 6. “The EU is committed to having a well functioning democratic system based on the rule of law. That includes providing a high level of protection across the Union to those whistle-blowers who have the courage to speak up. No one should risk their reputation or job for exposing illegal behaviours.” From 2021, the EU requires that all public activities and companies with more than 50 employees, municipalities with more than 10,000 inhabitants and organizations that are sensitive to money laundering or terrorist financing be required to create safe, effective and efficient reporting channels that guarantee protection against whistleblower retaliation. Other example of where protected reporting (whistleblowing) channels are required are tip reception for journalists, newspapers and other media. Anyone who uses this channels must dare to trust that confidentiality and anonymity are maintained throughout the process. Interesting? Read more here… anonform.com #privacy #gdpr #cybersecurity #infosec (Anna-Maja Henriksson, Finland’s Minister of Justice)
  7. 7. ANON::form about the service… The ANON::form service are built for privacy. Beside true End-to-End Encryption (E2EE), everything are locked down and wrapped in multiple security and anonymous layers. All form data are encrypted already in the form and sent by encrypted transport directly to the receiving e-mail system, to be stored encrypted. And decrypted in the receiver e-mail application only. The ANON::form service do not store anything in the browser or in any system server log. The visible sender of the message is the service itself. All standard forms are responsive with all images and code embedded. Full language support are provided by language libraries. Three domains are available. Forms can be embedded in your website or be used standalone. But you are, of cause, free to design your own forms and use your own domain. With some assistance from us. anonform.com #privacy #gdpr #cybersecurity #infosec
  8. 8. ANON::form about the technical… The ANON::form system is a hybrid solution where the form content is encrypted in the browser and then sent to a back-end system which, after “delousing” and control, sends the content to a secure e-mail recipient where the content is decrypted in the recipient’s e-mail client. Please note; ANON::form does not provide any e-mail service. The recipient must have at least one secure e-mail box that supports PGP. Either from an external provider, or in their own existing system. We can assist to create that part when needed, there are even free solutions available. The back-end system also generates forms from templates and language libraries which provides great, almost endless, opportunities to create custom forms for most existing needs, well integrated into existing solutions. We offer three different domains for our forms according to "[your shortcode].domain.tld"; sec.contact, secure.ax and turvaisa.fi. We support other domains and can both register and administer domains and required certificates when needed. anonform.com #privacy #gdpr #cybersecurity #infosec
  9. 9. ANON::form privacy and security…  E2EE encryption with OpenPGP; private key generated, owned and managed by the user  Transport encryption with SHA256/RSA 2048 bits/TLS 1.2+  Multiple firewalls, DDoS protection, active intrusion system with IP blacklisting, anti injection protection  Our servers are located in Europe and are operated by European providers  One-time fetch; all images and code are embedded in page  Zero Access, stored encrypted  No-Trace Policy for messages; no logs, nothing saved in computer or browser, no external services embedded  Spam protection with locally installed Captcha service  Compliant with GDPR, PCI DSS, HIPAA and NIST. Receive A+ rating from Qualsys SSL Labs and ImmuniWeb anonform.com #privacy #gdpr #cybersecurity #infosec
  10. 10. ANON::form the pricing model…  We charge a monthly service fee based on user services, paid for in advance. The minimum subscription time is 3 months. Long term subscriptions and 6+ months pre-payments entitles to a discount.  We charge a one-time fee for the set-up of the service.  We offer a Basic package who include our 4 standard forms, 3 standard languages and one standard subdomain. You may use your own logo and CSS at no extra cost.  All customization, including language libs, made or handled by us are charged for as one-time fees. Extra or customized forms, domain(s) and certificate(s) are charged for in the service month fee.  Services used to receive our form submissions are managed and charged for by the used service provider. Support or installations we perform are charged as consulting work. Please visit our website for current prices and conditions. anonform.com #privacy #gdpr #cybersecurity #infosec
  11. 11. The next step… Do not leave your contact forms to be the forgotten weakest link in your cyber security! As you have learned in this presentation; ANON::form provide you with a world class secure channel, affordable and easy to implement in your existing solution. anonform.com #privacy #gdpr #cybersecurity #infosec Get in touch!

×