On Thu, Aug 12, 2010 at 11:13 AM, R P Herrold
<herrold@owlriver.com> wrote:
On Thu, 12 Aug 2010, Lisa Kachold wrote:
My question echoes that of Joe Friday:
"All we want are the facts, ma'am"
There are too many links to reference.
This is common security knowledge.
Maximum SecurityKaseya designed the Integrated IT Software Suite with comprehensive security throughout. The Kaseya design team brings over 50 years of experience designing secure systems for government and commercial applications. Kaseya applied this experience to uniquely combine ease of use with high security.
Kaseya Agent
The Kaseya platform architecture is central to providing maximum security. Each computer managed has a small agent installed. The agent initiates all communications back to the server. Since the agent will not accept any inbound connections, it is impossible for a third party application to attack the agent from the network.
Firewalls
Kaseya does not need any input ports opened on client machines. This lets the agent do its job in any network configuration without introducing susceptibility to inbound port probes or new network attacks.
Encryption
Kaseya protects against man in the middle attacks by encrypting all communications between the agent and server with 256-bit RC4 using a key that rolls every time the server tasks the agent, typically at least once per day . Since there are no plain text data packets passing over the network, there is nothing available for an attacker to exploit.
FISA warrants may be disliked but have been judicially upheld [footnote 89 in the wiki article]. As that article notes one may structure one's affairs to address the possibilities they afford the US federal government [how being out of scope here]
-- Russ herrold