Data protection laws, such as the EU’s General Data Protection Regulation (GDPR), establish a comprehensive framework of individual rights intended to give data subjects greater control over the processing of their personal data. Together, these data protection rights aim to empower individuals while restricting how organizations use and process that
At Least Authority, we believe that people have a fundamental right to privacy. In a technical context, a “right to privacy” translates into concrete requirements and design principles that ensure users maintain meaningful control over their personal data. Our security consulting work is rooted in this value as we help
Threshold signing protocols, like FROST, help to facilitate trust while avoiding the reliance on a centralized authority. They do this by fault-tolerantly distributing information or computation among a cluster of cooperating computers. With the rapid advancement of secure digital systems, threshold cryptography is gaining traction through securing multi-signature wallets, protecting
In today’s rapidly evolving tech landscape, ensuring robust security is more than a checklist—it’s a collaborative journey. At Least Authority, our process begins by working closely with our client to define the audit scope and secure the essential documentation and resources. Through in-depth technical discussions, we pinpoint key concerns and
We can help Crypto-Assets Service Providers safely navigate the new MiCA regulation compliance environment and improve security. We can help Crypto-Assets Service Providers safely navigate the new MiCA regulation compliance environment and improve security. Background The newly adopted European Union (EU) Regulation on Markets in Crypto-Assets (MiCA Regulation) aims to
Multiple steps are involved to ensure a successful collaboration on a planned security consulting engagement. Whether it requires a security audit, limited security evaluation, or security by design consultation, the process begins by scheduling a call to clarify the in-scope components, areas of concern that are to be prioritized during
In our previous blog post, Security Audit Reports: A Guide for Everyone, we provided a comprehensive guide on how to read a security audit report. We discussed the various sections of an audit report, what to look for, and how to interpret the findings to gain insights into the security
In 2014, we published our first security audit report. Since then, we have completed more than 200 audits and published more than half of those. The primary audience of an audit report is the client’s project development team. However, stakeholders and other interested parties can also find value in reading