Are Web service providers encrypting their data?

The Electronic Frontier Foundation has published an infographic list showing the Web service providers that encrypt or don’t encrypt their users data as it traverses the Internet.

The list derives from the foundation’s Who Has Your Back Program, which surveys Web service providers to find out if they are implementing the foundation’s best practices for encryption.

The recommendations call for Web service providers to protect users’ data by: 1) Encrypting their websites with Hypertext Transfer Protocol Secure (HTTPS) by default; 2) Flagging all authentication cookies as secure; 3) Enabling HTTP Strict Transport Security (HSTS); 4) Implementing STARTTLS for email transfer; and 5) Using forward secrecy for their encryption keys.

Of the Web service providers surveyed, only four – Google, Dropbox, SpiderOak and, received a passing mark in all five points. This infographic shows how they all fared. You may read the original posting here.
Encrypted Web services https

Related Posts

Related Post:  More than 300,000 routers in homes and small businesses hacked

Leave a Reply

Your email address will not be published. Required fields are marked *