Blog
Cybersecurity Best Practices - Leveraging a VPN
Sometimes cybersecurity can seem like rocket science! Wouldn’t it be nice if there was a single, easy-to-implement, easy to use tool that was really effective when it comes to ensuring network security? Well, there is such a tool, and it has been around for a long time – the Virtual Private Network (VPN). A VPN is a service that creates a secure, encrypted connection between your device and the Internet. It essentially acts as a tunnel through which your Internet traffic passes, shielding your data from prying eyes and making your online activities more private and secure.
How it Works
Encryption: When you connect to the Internet through a VPN, your data is encrypted. This means that even if someone intercepts your data, they won't be able to read it without the encryption key. This encryption protects sensitive information like passwords, credit card details, and personal communications from being accessed by unauthorized parties.
IP Address Masking: A VPN masks your real IP address by routing your Internet connection through a server in a different location. This makes it appear as though you are browsing from that server's location, not your actual physical location. This helps in protecting your identity and privacy online.
Secure Connection: VPNs establish a secure connection between your device and the VPN server. This connection is often referred to as a "tunnel," which ensures that all data passing through it is safe from eavesdroppers, especially when using public Wi-Fi networks.
Enhanced Privacy: By encrypting your traffic and masking your IP address, a VPN provides a higher level of privacy. It prevents websites, ISPs, and third-party trackers from easily identifying your online behavior and tracking your browsing habits.
Why It’s Important
Using a Virtual Private Network (VPN) is important in personal cybersecurity for several reasons:
Privacy Protection: A VPN encrypts your Internet connection, making it difficult for third parties – such as hackers, government agencies, or even your Internet Service Provider (ISP) – to monitor your online activities. This encryption ensures that your personal information, such as browsing history, passwords, and financial data, remains private.
Anonymity: By masking your IP address, a VPN allows you to browse the Internet more anonymously. This means that websites, advertisers, and other entities cannot easily track your location or identify you based on your online behavior.
Security on Public Wi-Fi: Public Wi-Fi networks are often unsecured, making them a prime target for cybercriminals looking to intercept data. A VPN adds a layer of security by encrypting your connection, protecting your data from being intercepted by malicious actors.
Protection from Targeted Attacks: Cybercriminals target individuals by identifying their IP addresses. By masking your IP address with a VPN, you reduce the risk of being targeted by attacks, including Distributed Denial of Service (DDoS) attacks.
If you believe that a VPN could improve your overall cybersecurity posture, or if you simply have more questions about their capabilities and functionality, our cyber advisors are here to help! Reach out to us at help@parallaxe.us with your questions about VPNs or any other cybersecurity issue.
Source: The Project Spectrum Team - 8/22/24
New Release
Formal Launch of New OFAC Sanctions List Service Application
05/06/2024
OFAC has deployed its new Sanctions List Service (SLS). SLS is now the primary application OFAC will use to deliver sanctions list files and data to the public.
SLS includes support for all OFAC legacy and modern sanctions list data files.
While certain sanctions list data are now hosted within the SLS cloud, existing links to OFAC list files remain functional through URL redirects.
The Sanctions List Service application incorporates the traditional OFAC Sanctions List Search tool which will continue to be available at https://sanctionssearch.ofac.treas.gov/.
OFAC will have more information to share in the coming days. Users in need of technical support should contact OFAC at O_F_A_C@treasury.gov.
How do I determine if I have a valid OFAC match?
Please take the following “due diligence” steps in determining a valid OFAC match.
If you are calling about a wire transfer or other “live” transaction:
Step 1. Is the “hit” or “match” against OFAC’s Specially Designated Nationals (SDN) list, one of its other sanctions lists, or targeted countries, or is it “hitting” for some other reason (i.e., “Control List” or “PEP,” “CIA,” “Non-Cooperative Countries and Territories,” “Canadian Consolidated List (OSFI),” “World Bank Debarred Parties,” “Blocked Officials File,” or “government official of a designated country”), or can you not tell what the “hit” is?
If it’s hitting against OFAC’s SDN list, one of its other sanctions lists, or targeted countries, continue to 2 below.
If it’s hitting for some other reason, you should contact the “keeper” of whichever other list the match is hitting against. For questions about:
The Denied Persons List and the Entities List, please contact the Bureau of Industry and Security at the U.S. Department of Commerce at 202-482-4811.
The FBI’s Most Wanted List or any other FBI-issued watch list, please contact the Federal Bureau of Investigation (http://www.fbi.gov/contact/fo/fo.htm).
The Debarred Parties list, please contact the Directorate of Defense Trade Controls at the U.S. Department of State, 202-663-1282.
The Bank Secrecy Act and the USA PATRIOT Act, please contact the Financial Crimes Enforcement Network (FinCEN), 1-800-949-2732.
If you are unsure whom to contact, please contact your screening software provider which told you there was a “hit.”
If you can’t tell what the “hit” is, you should contact your screening software provider which told you there was a “hit.”
Step 2. Now that you’ve established that the hit is against one of OFAC’s sanctions lists or targeted countries, you must evaluate the quality of the hit. Compare the name in your transactions with the name on the sanctions list. Is the name in your transaction an individual while the name on the sanctions list is a vessel, organization or company (or vice-versa)?
If yes, you do not have a valid match.*
If no, please continue to 3 below.
Step 3. How much of the listed entry’s name is matching against the name in your transaction? Is just one of two or more names matching (i.e., just the last name)?
If yes, you do not have a valid match.*
If no, please continue to 4 below.
Step 4. Compare the complete sanctions list entry with all of the information you have on the matching name in your transaction. An entry often will have, for example, a full name, address, nationality, passport, tax ID or cedula number, place of birth, date of birth, former names and aliases. Are you missing a lot of this information for the name in your transaction?
If yes, go back and get more information and then compare your complete information against the entry.
If no, please continue to 5 below.
Step 5. Are there a number of similarities or exact matches?
If yes, please call the hotline at 1-800-540-6322.
If no, you do not have a valid match.*
If you are calling about an account:
Step 1. Is the “hit” or “match” against OFAC’s SDN list, one of OFAC's other sanctions lists or targeted countries, or is it “hitting” for some other reason (i.e., “Control List” or “PEP,” “CIA,” “Non-Cooperative Countries and Territories,” “Canadian Consolidated List (OSFI),” “World Bank Debarred Parties,” or “government official of a designated country”), or can you not tell what the “hit” is?
If it’s hitting against one of OFAC’s sanctions lists or targeted countries, continue to 2 below.
If it’s hitting for some other reason, you should contact the “keeper” of whichever other list the match is hitting against. For questions about:
The Denied Persons List and the Entities List, please contact the Bureau of Industry and Security at the U.S. Department of Commerce at 202-482-4811.
The FBI’s Most Wanted List or any other FBI-issued watch list, please contact the Federal Bureau of Investigation (http://www.fbi.gov/contact/fo/fo.htm).
The Debarred Parties list, please contact the Directorate of Defense Trade Controls at the U.S. Department of State, 202-663-1282.
The Bank Secrecy Act and the USA PATRIOT Act, please contact the Financial Crimes Enforcement Network (FinCEN), 1-800-949-2732.
If you are unsure whom to contact, you should contact your screening software provider which told you there was a “hit.”
If you can’t tell what the “hit” is, you should contact your screening software provider which told you there was a “hit.”
Step 2. Now that you’ve established that the hit is against one of OFAC’s sanctions lists or targeted countries, you must evaluate the quality of the hit. Compare the name of your customer with the name on the sanctions list. Is the name of your customer an individual while the name on the sanctions list is a vessel, organization or company (or vice-versa)?
If yes, you do not have a valid match.*
If no, please continue to 3 below.
Step 3. How much of the listed entry’s name is matching against the name of your account holder? Is just one of two or more names matching (i.e., just the last name)?
If yes, you do not have a valid match.*
If no, please continue to 4 below.
Step 4. Compare the complete entry with all of the information you have on the matching name of your account holder. An entry often will have, for example, a full name, address, nationality, passport, tax ID or cedula number, place of birth, date of birth, former names and aliases. Are you missing a lot of this information for the name of your account holder?
If yes, go back and get more information and then compare your complete information against the entry.
If no, please continue to 5 below.
Step 5. Are there a number of similarities or exact matches?
If yes, please call the hotline at 1-800-540-6322.
If no, you do not have a valid match.*
* If you have reason to know or believe that processing this transfer or operating this account would violate any of the Regulations, you must call the hotline and explain this knowledge or belief.
Strong and Weak Aliases
For additional information regarding strong and weak aliases on OFAC's sanctions lists, please see the Weak Aliases following topic.
Date Released
Source: https://ofac.treasury.gov/
New SDN Search Tool
03/13/2013
Recent Actions Body
The Office of Foreign Assets Control (OFAC) launched a new and improved tool for searching its Specially Designated Nationals List (SDN). The new version of SDN Search provides users with much greater leeway when searching for names for the tool no longer returns only exact matches. SDN Search now makes use of character, string, and phonetic matching algorithms to provide the user with a broader set of results. This gives SDN Search the ability to account for differences in spelling and transliteration.
This upgraded version of SDN Search, previously available as a beta release, replaces the earlier version. OFAC received and reviewed feedback from the public on its new search tool. OFAC is offering this upgraded search tool free to the public to give users of the SDN List an improved search experience that will help them meet their compliance obligations.
Please see the related FAQs for additional information on algorithms, scoring, and other technical details.
SDN Search is available at http://sdnsearch.ofac.treas.gov/.