Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

Archive for Business Security


Corporate Network Security Technology Comparison

Posted by: | Comments Comments Off on Corporate Network Security Technology Comparison

A few years ago, many of us had only a few passwords to remember. Today, we have dozens. Corporate networks have become virtually impossible to use today without passwords. On top of this, “IT’s best security practice” requires that employees change passwords frequently and use long, complex passwords. Unfortunately, this has encouraged poor password management habits that lead to security breaches, privacy violations and huge fines.

IT managers have a host of secure, authentication technologies available to safeguard corporate networks. Alongside Smartcard-based Password Managers are One-Time Password (OTP), Certificate-based Logon (PKI), and server-based Single Sign-On (SSO) all targeted to solve the “password problems”. Read More→

Comments Comments Off on Corporate Network Security Technology Comparison

2012 – The Year of Cyber Espionage?

Posted by: | Comments Comments Off on 2012 – The Year of Cyber Espionage?

Lucian Constantin’s recent article “Expect more cyber-espionage, sophisticated malware in ’12, experts say” states that cyber-attacks in 2012 will increase with more sophisticated malware. Certainly companies like MicroTrend, Symantec and others have their work cut out for them to eradicate these attacks once they are launched. But taking a step back, the question arises as to how malware is first getting into the networks.

Answer: employee’s carelessness.

Using social engineering attacks are still the best and cheapest way to distribute malware. Spam emails, phishing, spearfishing, etc., all utilize attachments that can hide the malware. It still is amazing that such an and old and simple method is still the most effective. An according to some experts, educating the employees about information security is a waste of time. I disagree since even if one person is helping by being educated and aware it is better than having none. But education alone is not the solution.

Technology applications, networks and operating systems have to incorporate security as one of their key design components. Stop the patching and all the backward compatibility design concerns and start create an entirely new OS from scratch. We don’t run DOS and Windows 98 anymore.

Software applications also need to incorporate high security standards like integration with multi-factor credentials. Using a smartcard that first authenticates the user to the card, then the card to the computer, then authenticates the card and server to each other, and finishes up with the user to the application can greatly improve a company’s security.

Public cloud services are still scary at best. Do you really know how and where your data is being stored? Plus, when some of the biggest public cloud companies are “sidestepping security” with protection clauses in their contracts should tell you something. Private clouds can have more security safeguards but it requires knowledgeable people to build and manage.

Security is only as strong as the weakest link and that link is the employee. I would wager that majority of the employee caused breaches are done through carelessness. Employees have to get their jobs done and will often circumvent security protocols so as to increase convenience and efficiencies. That is why any security plan has to take into account the user. Otherwise, corporate officers are lulled into a false sense of security. A 25-character random password that has to be changed every 7 days is super security but don’t be surprised when there is an increase in Post-it Note supplies because these passwords simply cannot be memorized by most employees.

Power LogOn® by Access Smart® has been delivering multi-factor authentication, smartcard-based password management solutions for years. Users are able to store multiple passwords on a single smart card, no passwords are ever stored with in a computer that others can access our hack, and when the card is removed from the computer no critical logon data is left behind on the computer. If the card is lost or stolen all the passwords are protect because the card authentication includes a limited number of false entries before it is locked and needs IT assistance. From the users perspective a lost card is easily recoverable without having to change all your passwords.

Power LogOn – The Password Manager Solution  by Access Smart

Users passwords need to be de-centralized and always in the possession of the user. Power LogOn is being used by individuals, small businesses, and large enterprises. So don’t wait for Windows 8 to think you can securely manage your passwords. Implement today and protect your data. Complex passwords are recognized as the way to secure accounts. Power LogOn allows businesses to securely manage all those passwords and for IT to be put back in control of logon security.

Comments Comments Off on 2012 – The Year of Cyber Espionage?

Protect Your Physical Data From Thieves

Posted by: | Comments Comments Off on Protect Your Physical Data From Thieves

How to Protect Your Physical Data From Thieves by Dovell BonnettWe are constantly hearing about cyber threats to our online security, and I think it is a sure bet that we can expect it to continue to happen. And while it is VERY important to be as educated about online security as possible (consider this an ongoing education, by the way!), you should also be very aware of how thieves can gain access to your physical data.

The theft of sensitive information from companies can happen in two ways: physical data breaches or online breaches of security. Physical identity theft refers to cases where the identity thief needs to get in close to their targets or to the information they are trying to obtain. Read More→

Comments Comments Off on Protect Your Physical Data From Thieves

How To Create Strong Passwords

Posted by: | Comments Comments Off on How To Create Strong Passwords

Passwords are the foundation for computer, network and SaaS (Cloud) authentication. One has to create strong passwords to be the vanguard. The more complex you make your passwords, the safer your data becomes. Unfortunately, complex passwords and a frequent change policy are often met with resistance, causing employees to circumvent good security policy for convenience. Every organization needs a secure Password Manager. Microsoft Gold Certified Partner Uniblue recently posted the following article on password security. Read More→

Comments Comments Off on How To Create Strong Passwords

How to Detect a Phishing Email

Posted by: | Comments Comments Off on How to Detect a Phishing Email

I recently received an email that looked like Microsoft was doing a campaign on its 25-year anniversary of Excel. If I would submit an article of my best Excel story, according to the email, I could win an X-Box.

My first thought was, “Has it really been 25-years and, boy do I have some great stories.” But looking over the email, something just didn’t seem right. Was this a phishing email? So here is my quick and easy test to determine if the email is a scam aimed at getting you to involuntarily give up your login and password information. Read More→

Comments Comments Off on How to Detect a Phishing Email