Get All Access for $5/mo

Yahoo Unveils Massive New Encryption Scheme to Protect Users Online privacy champion Alex Stamos is making it a lot tougher for hackers and spies to snoop around Yahoo's insides. Here's what you need to know.

Opinions expressed by Entrepreneur contributors are their own.

Alex Stamos doesn't play when it comes to the NSA.

In his first big hammer drop as Yahoo's new cybersecurity watchdog, Stamos announced yesterday that he's overseeing a massive "around the clock" effort to encrypt 100 percent of the tech giant's traffic, including the private data of its 800 million-plus users -- "at all time[s], by default."

Related: 4 Things to Know About Yahoo's New Information Security VP Alex Stamos

On the heels of reports that the NSA allegedly secretly snooped around thousands of its user accounts, the Sunnyvale, Calif.-based company pledged to encrypt all of its data centers by March 31. Stamos and the "hundreds of Yahoos" in his charge made that vow a reality. Not bad for only four weeks on the job.

The San Francisco-based veteran information security expert and outspoken NSA critic officially announced the company's newly bolstered encryption efforts on its Tumblr page yesterday.

And Stamos made no bones about why the massive encryption project -- which seriously steps up security for Yahoo data center traffic, Yahoo Homepage search queries, Yahoo! Mail and much more -- is going down in the first place.

"We will continue to work hard to deploy the best possible technology to combat attacks and surveillance that violate our users' privacy," Stamos wrote in a powerful, telling statement curiously buried as the last sentence in his Tumblr post.

Make It Stop: Yahoo Reports Coordinated Email Hack

It was clearly a dig at the NSA's controversial PRISM surveillance program, which Yahoo recently reported requested to poke around in roughly 30,000 to 40,000 of its user accounts (between January and June last year) via Foreign Intelligence Surveillance Court (FISC) classified court orders. Yahoo arch rival Google said it was on the receiving end of FISC requests for information from approximately 9,000 and 10,000 of its user accounts around the same time.

Here is Stamos's complete bulleted list detailing Yahoo's new beefed-up encryption efforts, directly from his Tumblr update:

  • Traffic moving between Yahoo data centers is fully encrypted as of March 31.

  • In January, we made Yahoo Mail more secure by making browsing over HTTPS the default. In the last month, we enabled encryption of mail between our servers and other mail providers that support the SMTPTLS standard.

  • The Yahoo Homepage and all search queries that run on the Yahoo Homepage and most Yahoo properties also have HTTPS encryption enabled by default.

  • We implemented the latest in security best-practices, including supporting TLS 1.2, Perfect Forward Secrecy and a 2048-bit RSA key for many of our global properties such as Homepage, Mail and Digital Magazines. We are currently working to bring all Yahoo sites up to this standard.

  • Users can initiate an encrypted session for Yahoo News, Yahoo Sports, Yahoo Finance, and Good Morning America on Yahoo (gma.yahoo.com) by typing "https" before the site URL in their web browser.

  • A new, encrypted, version of Yahoo Messenger will be deployed in coming months.

Related: Young Millionaire: Inside the Mind of Yahoo's Teen Sensation Nick D'Aloisio

Stamos's work doesn't end with this list, though. Not as long as cyber attackers and government spies seek to snoop around Yahoo's insides, which we don't expect to stop any time soon.

"This isn't a project where we'll ever check a box and be 'finished,'" he said. "Our fight to protect our users and their data is an on-going and critical effort."

Yahoo did not immediately respond to a request for comment.

Kim Lachance Shandrow

Former West Coast Editor

Kim Lachance Shandrow is the former West Coast editor at Entrepreneur.com. Previously, she was a commerce columnist at Los Angeles CityBeat, a news producer at MSNBC and KNBC in Los Angeles and a frequent contributor to the Los Angeles Times. She has also written for Government Technology magazine, LA Yoga magazine, the Lowell Sun newspaper, HealthCentral.com, PsychCentral.com and the former U.S. Surgeon General, Dr. C. Everett Coop. Follow her on Twitter at @Lashandrow. You can also follow her on Facebook here

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

These Companies Offer the Best Work-Life Balance, According to Employees

The ranking is based on Glassdoor ratings and reviews.

Science & Technology

Use This Framework to Successfully Integrate AI Into Your Business Operations

Here's how to ensure both innovation and compliance when using AI in your organization.

Growing a Business

5 Effective Strategies to Boost Your Business's Online Presence

Boosting your online presence in 2025 is the key to success for businesses looking to grow. Working on your branding and reputation management is important to drive more sales and improve conversion.

Leadership

Why Your AI Strategy Will Fail Without the Right Talent in Place

Using fractional AI experts through specialized platforms allows companies to access top talent cost-effectively, drive innovation and scale agile strategies for growth.