Dovell Bonnett Articles
Guest post by: Dovell Bonnett
Zappos Data Breach - Customer Safety and Security - Click To Read Article
Online shoe and apparel shop Zappos, now owned by Amazon, reported earlier this week that 24 million users' names, e-mail addresses, billing and shipping addresses, phone numbers, and the last four digits of credit card numbers may have been illegally accessed.
Preventing Physical Identity Theft - Click To Read Article
Physical identity theft occurs when thieves come in close contact with their victims or the information they’re stealing. For example, thieves may engage in dumpster diving, where they look through garbage, or literally dumpsters, to find papers with account numbers, addresses, names of family members, Social Security numbers, driver's license numbers, or anything else that identifies an individual.
2012 – The Year of Cyber Espionage? - Click To Read Article
Social engineering attacks are still the best and cheapest way to distribute malware. Spam emails, phishing, spear phishing, etc., all utilize attachments that can hide the malware. It is still amazing that such an old and simple method is still the most effective. And according to some experts, educating the employees about information security is a waste of time. I disagree, since even if one person is helping by being educated and aware it is better than having none. But education alone is not the solution.
My 3 Top Security Strategies for 2012. - Click To Read Article
In Justine Rivero’s latest article, “Three New Ways to Protect Your Identity in 2012,” she is absolutely correct that smartcards for secure payment are needed because it is better to use security upfront than rely on identity theft protection after the fact. But why stop at payment? Smartcards offer secure data access to medical records, corporate networks, online commerce sites, computer logons, applications, and anything else where user authentication is required.
Don't Wait for Windows 8 to Secure Your Passwords - Click To Read Article
This week the press is all agog about how Windows 8 is going to “securely” manage passwords. Win 8 will do this with LiveID, syncing passwords across multiple computer platforms, using “TrustedID” to authenticate the computer, and storing all your long complex passwords in the cloud or on your device. But the sense of security is still misplaced.
Chinese Computer Hacking of Chamber of Commerce has Already Hurt Your Business - Click To Read Article
On December 21, 2011 the Wall Street Journal reported that the U.S. Chamber of Commerce was hacked. Many of the major media outlets are all re-publishing the report. But, if you look at the fine print you will discover that the attack occurred back in November 2009 and was discovered in May 2010. That left the Chamber’s 3 million company members uninformed and their information vulnerable for two years as the FBI and cyber investigators analyzed the attack.
Key 2011 Hacker Prevention Lessons - Click To Read Article
I recently came across this article on the “Top hacker disasters of 2011”, written by David Aitel of Immunity Inc. David has put together a brilliant article that lists some of the high profile attacks and five lessons to be learned. One key point that you should notice in this article is that there was no single security failure point that caused the company’s breach. The points of attack ranged from technology being cracked to poor security practices within a corporation. After reviewing David’s 5 lessons, I wanted to comment on each to add a little more insight.
Is Your Cloud Provider Sidestepping Security? - Click To Read Article
When you accept that cloud provider’s contract to store or backup your company’s data on their servers, did you read the fine print? According to Gartner, 2012 may be the year that Cloud Services gets a big boost because companies are looking to decrease IT costs, have more access from remote users and offer more services to your customers. But, at what cost?
Yet Another Avoidable Security Breach At UCLA - Click To Read Article
UCLA recently agreed to pay a penalty of $865,000 for a series of HIPAA violations and now they are forced to reveal that the theft of an external hard drive from a former employee’s home has created the fears of yet another security breach. Plus, UCLA is offering 16,288 patients credit and fraud protection services.
ISSA's SoCal Security Symposium - Click To Read Article
It was stated that the first line of defense of a network is the firewall. So the focus has been on having a strong, up-to-date firewall. I agree with its importance, but to me the first line of defense has to be strong user authentication. I’m not talking about user authentication to the public website but into the internal corporate network. The use of a multi-factor smart card has to be a component.
The Growing Threat of Medical Identity Theft - Click To Read Article
According to a recent article in MedPage Today, nearly four out of ten doctors surveyed by the accounting firm PricewaterhouseCoopers are reporting that they have caught a patient attempting to use someone else’s identity in order to obtain healthcare services.
Microsoft®’s Forefront Review - Click To Read Article
Microsoft’s Forefront Identity Manager (FIM) 2010 provides IT with the tools needed for identity and access management through a SharePoint-based policy management console. Microsoft correctly targets the importance of identity management for users, devices, and services due to cyber attacks, regulatory mandates and privacy protection compliance. While FIM 2010 is designed around secure identity management, the logical question follows: How is the user properly identified during Windows authentication?
Access-As-A-Service (AAAS) By Access Smart - Click To Read Article
To businesses of all sizes the cloud is the rage. Companies are moving to the cloud for cost savings, convenience for their road warriors, data backup, new applications and a host of other business reasons. What one rarely hears is that companies are moving to the cloud for security. I have written blogs and posted comments on LinkedIn, Facebook and other social media outlets on some of the dangers of cloud security. My goal is for business owners to understand their risks
What To Do When Your Company Network Is Hacked - Click To Read Article
I have written many articles and blogs warning about the cost to a company from a security breach. Ben Worthen, a staff reporter in The Wall Street Journal’s San Francisco bureau, wrote a great article “What to Do if You’ve Been Hacked” on September 26, 2011, where he has highlighted some key things to do. All the points are excellent but the #1 “to do” is to not ignore the attack and hope it goes away. It won’t!
HP ProtectTools Solution - Click To Read Article
HP claims that you can purchase smartcards and smartcard readers on their “Supplies and Accessories for Business Notebooks” web site. To date, smartcards are NOT listed on the site, so many HP customers are contacting Access Smart for advice and a solution. Access Smart® has a solution.
Shady RAT World Wide Hacking - Click To Read Article
Recently McAfee published a worldwide hacking report about what they are calling Shady RAT. The United Nations, Olympic committees, governments, a U.S. real estate company, a major media organization based in New York, a satellite communications company and other companies around the world, totaling 72 organizations, have been hacked by a "state actor".
Corporate Network Security Technology Comparison - Click To Read Article
A few years ago, many of us had only a few passwords to remember. Today, we have dozens. Corporate networks have become virtually impossible to use today without passwords. On top of this, “IT’s best security practice” requires that employees change passwords frequently and use long, complex passwords. Unfortunately, this has encouraged poor password management habits that lead to security breaches, privacy violations and huge fines.
OBAMA ADMINISTRATION PLANS INTERNET ID - Click To Read Article
There are some key concerns that arise with a government-issued Internet ID card.
Email marketing is a waste of time and money - Click To Read Article
Not for the reason you might think. Internet security, or the lack thereof, has made users suspicious and distrustful of all unsolicited emails. Let’s first take the argument from the personal perspective. We all have been hit with spam in our email accounts. We may have also experienced our own email address being hijacked by email spoofers. All with the intent to get the recipient to click a link or open a file to start the process of identity theft.
MORE HACKING. WHEN WILL IT STOP? - Click To Read Article
The simple answer? It won't. To paraphrase Willie Sutton, bank robber, "That's where the money is." PBS, Sony, Lockheed, Amazon, IMF, US Senate, etc., all announced in 2011 that their systems were hacked. Security specialists are now calling 2011 the year of the hacker. Weak SecurID tokens, malware, password attacks, etc., have all been used. Foreign governments, terrorists and a "hacking collective" called LulzSec have been accused. Recently, the DOD announced that cyber attacks can now be regarded as a military attack with the recourse being military ordnance.
The Law May Consider Your Business a Bank! - Click To Read Article
There’s an interesting post over at Krebs On Security talking about some poor company that is going bankrupt because TD Bank allegedly will not give them their money back after it was stolen out of their account. Now, I wish I could say this concept is totally foreign to me, but unfortunately this isn’t the first time I’ve heard this story. I’m under NDAs not to describe the people involved, or the bank involved, but the important details are nearly identical to this story. Why is this happening?
How Thieves Physically Steal Your Data! - Click To Read Article
Basically, the theft of sensitive information from companies can happen in two ways: physical data breaches or online breaches of security. Physical identity theft refers to cases where the identity thief needs to get in close to their targets or to the information they are trying to obtain. These sorts of identity theft efforts include dumpster diving to search for documents which contain information such as account numbers, social security card or credit card numbers, addresses and the like. Basically, any information which contains personally identifying information on a customer, vendor or employee is of use to identity thieves. Mail may be stolen or thieves may pose as company
Network Security Doesn’t Have To Be A Burden - Click To Read Article
Whenever I log onto my computer, visit a subscriber web site or check my emails I always get the screen “Please enter your User Name and Password”. To manage this authentication barrage I might use the same logon information for all my sites, make the passwords simple to remember and keep the same password for years. Now my company’s IT department has decided to increase security by making me change my logon password every 60 days, make it more than 8 characters long and it has to contain both numeric and special characters. Security is a necessary burden. But, does security really need to be a burden?
Protecting Your Company From An Online Data Breach - Click To Read Article
Why do data thieves attack corporate computer networks? Well, to paraphrase Willie Sutton, it's because that's where the data is. As I said in a previous blog, a data breach is usually done in one of two ways. A data thief will either employ physical means, such as dumpster diving, social engineering or a simple break-in; or via the internet. No business today can afford to be left behind technologically, meaning that in every corporate environment there are computers, networks and electronically stored information.
Schools and Universities Can Afford Smartcards Too! - Click To Read Article
Schools and universities have become a major target for fraud and identity theft. While they often function like large corporations with multiple users and computers, they rarely have the same big IT budgets to adopt expensive network security. So when a small charter school in DC found an innovative way to implement high level smartcard security without the huge price tag or backend modifications, they were excited.
Safeguard Business Data - Value Advantage of Integrating Logical Access on an Employee ID Badge - Click To Read Article
Many large corporations and government agencies have found the cost savings, security and employee convenience very compelling to integrate logical access into the employee badge. However, the two biggest barriers in getting small to medium size businesses, clinics and agencies to follow suit have been: Awareness and Cost.
Data Security is Mandatory - Click To Read Article
What is a data breach? A data breach occurs when customer information held by a company, business or institution is accessed, used, collected, retained or disclosed in a manner which is not in accordance with the applicable privacy laws and regulations and/or the company's own policies regarding customer information and privacy.
About the Author: Dovell Bonnett

Founded in 2005 and headquartered in Ladera Ranch, California, Access Smart delivers Access-as-a-Service (AaaS) solutions by way of a password manager for Windows authentication to reduce the risk of cyber-attacks. Access Smart implements AaaS using contact or contactless smartcards, magnetic stripe or 125kHz Prox technologies. The value that Access Smart brings is to offer more security functions and affordability onto a single employee ID badge. Security does not have to be cumbersome to be effective. That is why our products are designed using state-of-the-art security technologies while focusing on ease-of-use and low cost-of-ownership. Previously, smartcard technology was only available to governments and Fortune 500 companies. Access Smart has turned that model upside down by matching the technology to the needs, no annual subscription fees and fully transferable licenses to keep security affordable to even high employee/student turnover businesses. The Access Smart team has over 50 combined years in the smartcard and security industry. By addressing the very real problems from a systems mindset, Access Smart delivers everything for a company to implement AaaS within hours and not months/years. Please contact Dovell Bonnett at Access Smart to discuss how best to implement Authentication, Authorization and Non-Repudiation into your business. Access Smart - The Alternative to PKI.


