Blog

Cybersecurity Best Practices - Leveraging a VPN

Sometimes cybersecurity can seem like rocket science! Wouldn’t it be nice if there was a single, easy-to-implement, easy to use tool that was really effective when it comes to ensuring network security? Well, there is such a tool, and it has been around for a long time – the Virtual Private Network (VPN). A VPN is a service that creates a secure, encrypted connection between your device and the Internet. It essentially acts as a tunnel through which your Internet traffic passes, shielding your data from prying eyes and making your online activities more private and secure.


How it Works

Encryption: When you connect to the Internet through a VPN, your data is encrypted. This means that even if someone intercepts your data, they won't be able to read it without the encryption key. This encryption protects sensitive information like passwords, credit card details, and personal communications from being accessed by unauthorized parties.
IP Address Masking: A VPN masks your real IP address by routing your Internet connection through a server in a different location. This makes it appear as though you are browsing from that server's location, not your actual physical location. This helps in protecting your identity and privacy online.
Secure Connection: VPNs establish a secure connection between your device and the VPN server. This connection is often referred to as a "tunnel," which ensures that all data passing through it is safe from eavesdroppers, especially when using public Wi-Fi networks.
Enhanced Privacy: By encrypting your traffic and masking your IP address, a VPN provides a higher level of privacy. It prevents websites, ISPs, and third-party trackers from easily identifying your online behavior and tracking your browsing habits.
 

Why It’s Important

Using a Virtual Private Network (VPN) is important in personal cybersecurity for several reasons:
Privacy Protection: A VPN encrypts your Internet connection, making it difficult for third parties – such as hackers, government agencies, or even your Internet Service Provider (ISP) – to monitor your online activities. This encryption ensures that your personal information, such as browsing history, passwords, and financial data, remains private.
Anonymity: By masking your IP address, a VPN allows you to browse the Internet more anonymously. This means that websites, advertisers, and other entities cannot easily track your location or identify you based on your online behavior.
Security on Public Wi-Fi: Public Wi-Fi networks are often unsecured, making them a prime target for cybercriminals looking to intercept data. A VPN adds a layer of security by encrypting your connection, protecting your data from being intercepted by malicious actors.
Protection from Targeted Attacks: Cybercriminals target individuals by identifying their IP addresses. By masking your IP address with a VPN, you reduce the risk of being targeted by attacks, including Distributed Denial of Service (DDoS) attacks.

If you believe that a VPN could improve your overall cybersecurity posture, or if you simply have more questions about their capabilities and functionality, our cyber advisors are here to help! Reach out to us at help@parallaxe.us with your questions about VPNs or any other cybersecurity issue.

Source: The Project Spectrum Team - 8/22/24

New Release 

Formal Launch of New OFAC Sanctions List Service Application

05/06/2024

OFAC has deployed its new Sanctions List Service (SLS). SLS is now the primary application OFAC will use to deliver sanctions list files and data to the public.

SLS includes support for all OFAC legacy and modern sanctions list data files.

While certain sanctions list data are now hosted within the SLS cloud, existing links to OFAC list files remain functional through URL redirects.

The Sanctions List Service application incorporates the traditional OFAC Sanctions List Search tool which will continue to be available at https://sanctionssearch.ofac.treas.gov/.

OFAC will have more information to share in the coming days. Users in need of technical support should contact OFAC at O_F_A_C@treasury.gov.


How do I determine if I have a valid OFAC match?

Please take the following “due diligence” steps in determining a valid OFAC match.

If you are calling about a wire transfer or other “live” transaction:

Step 1. Is the “hit” or “match” against OFAC’s Specially Designated Nationals (SDN) list, one of its other sanctions lists, or targeted countries, or is it “hitting” for some other reason (i.e., “Control List” or “PEP,” “CIA,” “Non-Cooperative Countries and Territories,” “Canadian Consolidated List (OSFI),” “World Bank Debarred Parties,” “Blocked Officials File,” or “government official of a designated country”), or can you not tell what the “hit” is?

Step 2. Now that you’ve established that the hit is against one of OFAC’s sanctions lists or targeted countries, you must evaluate the quality of the hit. Compare the name in your transactions with the name on the sanctions list. Is the name in your transaction an individual while the name on the sanctions list is a vessel, organization or company (or vice-versa)?

Step 3. How much of the listed entry’s name is matching against the name in your transaction? Is just one of two or more names matching (i.e., just the last name)?

Step 4. Compare the complete sanctions list entry with all of the information you have on the matching name in your transaction. An entry often will have, for example, a full name, address, nationality, passport, tax ID or cedula number, place of birth, date of birth, former names and aliases. Are you missing a lot of this information for the name in your transaction?

Step 5. Are there a number of similarities or exact matches?

If you are calling about an account:

Step 1. Is the “hit” or “match” against OFAC’s SDN list, one of OFAC's other sanctions lists or targeted countries, or is it “hitting” for some other reason (i.e., “Control List” or “PEP,” “CIA,” “Non-Cooperative Countries and Territories,” “Canadian Consolidated List (OSFI),” “World Bank Debarred Parties,” or “government official of a designated country”), or can you not tell what the “hit” is?

Step 2. Now that you’ve established that the hit is against one of OFAC’s sanctions lists or targeted countries, you must evaluate the quality of the hit. Compare the name of your customer with the name on the sanctions list. Is the name of your customer an individual while the name on the sanctions list is a vessel, organization or company (or vice-versa)?

Step 3. How much of the listed entry’s name is matching against the name of your account holder? Is just one of two or more names matching (i.e., just the last name)?

Step 4. Compare the complete entry with all of the information you have on the matching name of your account holder. An entry often will have, for example, a full name, address, nationality, passport, tax ID or cedula number, place of birth, date of birth, former names and aliases. Are you missing a lot of this information for the name of your account holder?

Step 5. Are there a number of similarities or exact matches?

* If you have reason to know or believe that processing this transfer or operating this account would violate any of the Regulations, you must call the hotline and explain this knowledge or belief.

Strong and Weak Aliases
For additional information regarding strong and weak aliases on OFAC's sanctions lists, please see the Weak Aliases following topic.

Date Released


Source: https://ofac.treasury.gov/

New SDN Search Tool​

03/13/2013

Recent Actions Body

The Office of Foreign Assets Control (OFAC) launched a new and improved tool for searching its Specially Designated Nationals List (SDN). The new version of SDN Search provides users with much greater leeway when searching for names for the tool no longer returns only exact matches. SDN Search now makes use of character, string, and phonetic matching algorithms to provide the user with a broader set of results. This gives SDN Search the ability to account for differences in spelling and transliteration.

This upgraded version of SDN Search, previously available as a beta release, replaces the earlier version. OFAC received and reviewed feedback from the public on its new search tool. OFAC is offering this upgraded search tool free to the public to give users of the SDN List an improved search experience that will help them meet their compliance obligations.

Please see the related FAQs for additional information on algorithms, scoring, and other technical details.

SDN Search is available at http://sdnsearch.ofac.treas.gov/.