Home / Archives For Security

Security

What Can The Banks Learn From Online Dating?

At first, the idea that banking or finance sectors could learn a trick or two from the online dating industry is laughable. After all, while the former is heavily regulated, deeply complex and integral to our economy; the latter is frivolous by comparison. Dating, as is often said, is a numbers game! And organisations such as Match.com, eHarmony and Zoosk rely on very sophisticated technology as they sift through vast customer bases to create the most compatible couples. Specially, they rely on data to build the most nuanced portraits of their members that they can, so they can find the best matches. This is a business-critical activity for dating sites – the more successful the matching, the better revenues will be. One of the ways they do this is through graph databases. These differ fro......

JPMorgan Data Breach: Cybercrime Is Not High Enough On The Corporate Agenda

This latest major cyber-attack follows high profile data breaches at Barclays earlier this year, and the US retail giants Home Depot and Target, at the back-end of 2013. The Target breach was larger than the current story being reported from JPMorgan, though the ramifications of the attack on the bank could be far greater given the sensitive nature of the information held. Retailers are not known to be at the forefront of security investments as they protect customer information and comparatively low value physical goods. Obviously, with banks the situation is very different as they look after cash and highly valuable assets. Initial public reports appear to indicate that the hackers breached JPMorgan’s network via an employee’s personal computer, with malware establishing a VPN tunnel int......

‘Ello To The Anti-Facebook And Anti-Google Era

The ad-free Ello, known as the anti-Facebook social network, is the latest startup to go viral, capitalising on public concern about how personal data is being used and registering an astonishing 40,000 sign-up requests per hour. Ello’s dizzying rise is indicative of broader public sentiment towards the Googles and Facebooks of this world – internet users are fed up of having their personal data taken for granted and are now doing something about it. Emerging technology startups have responded to privacy concerns by building user-friendly products in areas such as social media, analytics and online search. Ello is just one example in social media, but already questions have been asked whether companies like Ello can be financially viable in the long term if they can’t sell user data to sel......

The 5 Critical Tenets Of Identity And Access Management

The IAM market is experiencing a renaissance with the emergence of new options for how and where to deploy IAM technology, both on-premises and as a service. At the same time most organisations are struggling with how to best utilise the IAM solutions they have to manage their changing world of IT infrastructure. New technologies like cloud and mobile are being mixed with established mainstays like SAP, Oracle and RACF and must be managed with an increasing focus on governance, compliance and automation. Regardless of the delivery model selected, and whatever the mix of applications being managed, many best practices of IAM remain unchanged. As we look back on what we’ve learned in the industry so far, and we lay out a path to the future products and solutions for tomorrow, some basic and ......

Security Latency: Why Do We Tolerate It?

We live in a world where we expect, no demand, things to happen instantly. Sending an e-mail, waiting for a web page to load, booking an online shopping delivery slot or awaiting an order confirmation. Whatever we’re doing we want to see results now, now, now! So why then do we tolerate delays and latency with our security systems? When you read coverage of data breaches or malware attacks, we only learn that on event has happened once the perpetrator has left the building. Gone. Vanished. Vamoose. Leaving the organisation with a lot of questions, no answers and a set of very angry stakeholders. I really don’t see how this aligns with messages pushed into the marketing of ‘360 degree’ or ‘hollistic view’ of the security/vulnerability environment. Of course companies should have these insig......

Security’s Second Chance

When a person stands in court, the judge has only one chance to determine the verdict. Double jeopardy prevents anyone from being tried twice for the same crime and so, no matter what comes to light later on, there are no second chances. Even if that person is guilty, they have escaped and are free to cause more damage. “Security courts” used to abide by the same rule, relying on a conviction paradigm that provided a single point in time to get a conviction right. Blocking and prevention technologies and policy-based controls gave security professionals just one opportunity to pass judgement on files and identify them as either safe or malicious. During a time when threats were less sophisticated and less stealthy than today, these defences were mostly acceptable. But attacks have evolved ......

Defining Managed File Transfer For IT Pros

It is estimated that across the globe, cybercrime generates $445 billion every year. In spite of this, a recent survey of more than 100 IT professionals shows that nearly half (42 percent) of IT professionals confess that their organisations do not mandate secure methods for transferring corporate information. The harsh reality is that today, every organisation is at high risk of a data breach and security processes and tools are now critical. An oversight in this area could have a business-critical impact and the study reveals an alarming number of IT professionals who admit to either losing a critical file indefinitely, or spending a significant amount of time trying to retrieve it. In fact, 18 per cent of respondents report that they have lost a critical file, 11 percent have spent more......

The Top 4 Benefits Of Managed File Transfer

MFT has emerged as the strategic solution of choice for moving large files internally and/or externally, securely, and at whatever scale is required. End users in any organisation want an easy way to transfer files and if one is not provided they will find a workaround on their own. More often than not, that workaround is a consumer-grade file-sharing tool, such as personal email, consumer file-sharing sites, remote devices, and cloud-storage services, all of which present unique and significant security and compliance risks to organisations. MFT brings security, order, structure, and visibility to any organisation. How file transfers are accomplished, managed, monitored, and reported is critical to every aspect of business operations and extends beyond the company to reach and affect cust......

Are Schools Being Negligent With The Data They’re Protecting?

In June 2014, Curledge Street Academy in Paignton, Devon, leaked private details of 200 school children. It was apparently an ‘administrative error,’ whereby the personal details of the students, including their date of birth, education needs and behavioural issues were e-mailed to the parents of the school. The school sent out a letter of apology a few days later asking for parents to delete the attachment but to their horror, discovered that some parents had already published some of the confidential information onto social networking sites. This lead to the Information Commissioner’s Office carrying out an investigation into a breach of the Data Protection Act 1998 (DPA) by the school. Data breaches such as this highlight the extent to which the importance of keeping confidential inform......

Nicholas Cage Films Secret Drowning Tie-In… And Other IT Concerns

There is a danger lurking around every corner, hidden amidst the data for those clever enough to see. This is particularly true for IT security where IT staff relies on technology to spot abnormal activities based on mining huge amounts of data and finding the correlation between systems performance and cause and effect. But what happens when there is correlation without causation? For example, recent experiments with correlations revealed that there is a 0.6 correlation between the number of people who drowned by falling into a swimming pool in the US and the number of films with Nicholas Cage. Similarly, an even scariest correlation of 0.94 is revealed when you compare the consumption of cheese per capita in the US and the number of people who died by becoming tangled in their bed sheets......

Before You Store Your Data, Think About How To Get It Back

Data backup and storage is the IT equivalent of tidying up at the end of the day. Putting all your information away neatly so you know it is accounted for, secure and easy to find again. An unlikely topic, you would imagine, for strong opinions and lively debate. Yet that is exactly what it has become ‒ and for good reason. Every day more data is handled by more employees who are spread across multiple locations and use a variety of devices. This increases the vulnerability of information. The solution for many organisations is to implement a centrally controlled data back-up and storage plan from the range of options available. And this is where the debate can become heated. In the red corner are the cloud converts, those who are quick to point out that ultimately all hardware-based backu......

5 Tips To Enhance Your Business’s Digital Content Security

There is a regular parade of stories in the media about companies accidentally losing data, either as a printout or in digital form. Traditionally the focus for security is on preventing external threats such as viruses and hackers. However, threats like leaks, or unauthorised distribution of secure content that may come from inside are a potentially costly security breach that needs to be addressed. In fact, according to the last ‘Data Loss Barometer’ report from KPMG, over the past five years, around one billion people globally have been affected by data loss incidents, and 60 per cent of these were because of hacking. Thankfully, figures from The Open Security Foundation´s DataLossDB show there has been a gradual decline in the number of incidents in 2013 compared to the rec......