Archive for Building Security
A Found USB Drive Is Not a Safe USB Drive
Recently, I was told of an incident where an employee of a fairly large company spotted a USB stick on the pavement in the parking garage. Concerned that it might hold a colleague's important information, the employee picked up the stick and took it back to his office. To determine who the owner was, the employee inserted the drive into his computer and opened the folders, thinking that their contents would identify the owner. Read More→
How To Create Strong Passwords
Passwords are the foundation for computer, network and SaaS (Cloud) authentication. Strong passwords are therefore the first line of defense. The more complex you make your passwords, the safer your data becomes. Unfortunately, complex passwords and a frequent change policy are often met with resistance, causing employees to circumvent good security policy for convenience. Every organization needs a secure password manager. Microsoft Gold Certified Partner Uniblue recently posted the following article on password security. Read More→
Are Govt. Websites Designed by Preschoolers?
It has been reported that Paul Ducklin, Head of Technology for Sophos, referred to the Lulz Security (LulzSec) hackers as “schoolboys.” He added that most of the break-ins were “languorously orchestrated, using nothing more sophisticated than entry-level automatic web database bug-finding tools, available for free online.” So are schoolboys hacking sites designed by preschoolers? Read More→
More Hacking. When Will it Stop?
The simple answer? It won’t. To paraphrase bank robber Willie Sutton: “That’s where the money is.”
PBS, Sony, Lockheed, Amazon, IMF, US Senate, etc., all announced in 2011 that their systems were hacked. Security specialists are now calling 2011 the year of the hacker. Weak SecurID tokens, malware, password attacks, etc., have all been used. Foreign governments, terrorists, drug cartels and a “hacking collective” called Lulz Security have been accused. Recently, the DOD announced that cyber attacks can now be regarded as military attacks, with the recourse being military ordnance. Read More→
Patco Needed To Take Responsibility For Their Own Security
In the ComputerWorld article “Judge rules against trial in lawsuit by victim of $588K cyber heist” by Jaikumar Vijayan, about the lawsuit between Patco and Ocean Bank, there were no winners. There were mistakes made on both sides and a lack of responsibility. Since I was not in the courtroom and didn’t follow the trial, I can’t say if the judge’s ruling was the correct one, but here is why both plaintiff and defense lost. Read More→




