Cyber Access Control | MFA Enterprise Password Management | Access Smart

Archive for Social Networking

Cyber Authentication – Google Weak on Password Management Systems

When it comes to cyber authentication, the weakest link is the user.

Cyber authenticationCyber authentication is a hot topic in today’s world of Malware, Cyber Warfare, BYOD, Cloud Computing and Hackers. In a recent Google Password Management blog, “Google Password Management Tips To Increase The Security Of Your Accounts” they asked if your Gmail account is safe. They then give seven tips on how to improve password security. These tips, while basically correct, are so old and have been said ever since the first password was issued that they fail to address the real problem: the human element.

We all know the problems with passwords: there are to many, they need to be complex, IT makes you change them every 90-days, and we can’t remember them all. These Google tips should also be classified as: Policy, Technique, or Management. Security typically is weaker when people are expected to securely “manage” the  “techniques.” Finally, even if you followed all these Google tips you still will be vulnerable because of the password cracking tools and attacks being used. While some are saying that password security is dead. I full disagree since passwords are one of the fundamental cyber authentication methods. So let’s review these tip. Read More→

Privacy is no Friend on Facebook

Mark Zuckerberg, Did you miss the class discussing “Privacy” at Harvard?

As you fill your Facebook account with family. friend and new contacts, it is obvious that Privacy is not a word that Facebook cares about or understands. In some recent articles about the cyber hackers “Anonymous” they clained they did not take down Facebook because it’s a great source for the hacking. There’s an endorsment you didn’t hear when the stock was going public.

It was reported yesterday that Facebook wants to allow 13 year olds and under to have accounts. After attending a recent security conference its members rated Facebook as the second most valuable tool for criminals, Google is still #1. So many users still don’t understand personal privacy and what topics are  resonable posts. Kids will talk about their desires that child preditors will use. Teens talk about upcoming vacations that burglers use. Cyber theives develop malware laidened ads and aps that adults download. So if you want to raise your odds of being a vitium of identity theft, having your children harmed and have your house ransacked then keep that Facebook account up to date.

The Facebook team and Mark like to talk about privacy but the default settings are to “no privacy”. Then when Facebook makes a program update they automatically turn off your privacy settings again. Facebooks mission seems to support identity theives and not their customers. Recomendation: Since Facebook doesn’t care then the user has to take responsibilitly. Therefore, lie about everything from your schools, home town, age, sex, etc. Facebook will then become the social media for pathilogical liars.

So how do you like those emails that look like they are comming from a friend only to discuver after opening the attachment it was malware infested spam? All your personal information and online accounts are now in jepordy, or maybe you will become a botnet node for a Denial-of-Service (Dos) attack.

 

Employees Are Not Evil…

They Are Just Drawn That Way

PData security begins with network access authentication of employeesaraphrasing a line from Jessica Rabbit from the movie Roger Rabbit seems the appropriate comment from Geoffrey A. Fowler’s article “What’s a Company’s Biggest Security Risk? You.” Hence the headline: Employees Are Not Evil – They Are Just Drawn That Way. It is critical that employers be diligent in training their employees in online safety.

When your employees are online they are opening the door to danger. Be it opening phishing email attachments, writing passwords on sticky notes, plugging in USB drives found in the parking lot, using personal devices to access the company’s network, of hundreds of other social engineering attacks, data is the new currency of the internet age. And if it has value, there will always be someone wanting to steal it. Read More→

Social Networking Hack Increases Data Breach Vulnerability

Data breach can affect other “SoNet” Junkies

Network access authenticationThe hack of the social networking (“SoNet”) giant LinkedIn may have made your company more vulnerable to a data breach. The recent attack where 6.5 million passwords were posted on a Russian online forum has been well reported. The combination of insecure data files, outdated cryptography and user-managed passwords should make every corporate officer to demand a network security audit.  So what happened?

There were a number of security failures:

  • The inability to first authenticate who’s “knocking” on the firewall before allowing them access
  • The use of outdated, weak encryption to secure the password data files, and
  • Users having the ability to implement weak passwords. Read More→

Data Breach Costs Drop Misleads while Cyberattacks Increase

A Data Breach can still bankrupt a business

Network Access AuthenticationIn Ponemon Institution’s annual “Cost of Data Breach Study” shows that the cost per record lost and the average cost of a data breach dropped in 2011. The cost per record dropped from $214 to $194, and from an average breach cost from $7.2M to $5.5M. The decline is credited to organizations being better prepared for and responding to a data breach. Here are some of the reasons for the drop:

  •          The decrease in per capita breach costs
  •          The average size of a data breach
  •          The decrease in abnormal customer churn
  •          A drop in the average total cost of a data breach response

While this may seem great news, don’t let your guard down just yet. All this is showing is that the costs to a company are dropping, and having a plan and response team will lower a company’s costs. From another industry report, Symantec claims that the number of attacks increased 81% from 2010 to 2011. Read More→