Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

Archive for Computer & Network Security

Jan
18

Keep Your Enemies Close, but Your Friends Closer

Posted by: | Comments Comments Off

Our government seems to have problems securing both our physical and virtual boarders. It seems that when it comes to cyber security all the old paradigms have turned upside down. In the recent article “Indian Intelligence Have U.S. Government Passwords, Hacker Claim” has proof that the Indian intelligence is spying on the US government. One of the main culprits for accessing government data files is weak passwords. Power LogOn by Access Smart can take an existing PIV/CAC card and add on secure password management without any re-badging or re-issuance of cards, employees can self-enroll from their office, and licenses are transferable to handle employee turnover. With the purchase of the Power LogOn Starter Kit for $400, IT can perform a complete test/pilot in a matter of hours and not months/years. To learn more about extending your current government credential, please see our post “Why rebadge when you can extend functions?”

Categories : Business Security, Computer & Network Security, Employee Security, General
Comments Comments Off
Jan
17

Bogus Purchase Receipts In Your Email Box

Posted by: | Comments Comments Off

Bogus Purchase Receipts in Your Email Box by Dovell Bonnett | Access-Smart.comAs we do more online business and commerce, we expect to receive a receipt for our purchases: Amazon, iTunes, etc.

Online thieves and spammers know this too and they are spamming us with bogus receipts with a high dollar amount just to catch your attention. A key clue that it is a scam is when you move your mouse cursor over the link, if you don’t recognize the web address displayed then odds are it is a phishing email. Don’t fall for the scam and certainly don’t click on the links.

Here are some tips to protect you: Read More→

Categories : Computer & Network Security, Employee Security, General
Comments Comments Off
Jan
12

Corporate Network Security Technology Comparison

Posted by: | Comments Comments Off

A few years ago, many of us had only a few passwords to remember. Today, we have dozens. Corporate networks have become virtually impossible to use today without passwords. On top of this, “IT’s best security practice” requires that employees change passwords frequently and use long, complex passwords. Unfortunately, this has encouraged poor password management habits that lead to security breaches, privacy violations and huge fines.

IT managers have a host of secure, authentication technologies available to safeguard corporate networks. Alongside Smartcard-based Password Managers are One-Time Password (OTP), Certificate-based Logon (PKI), and server-based Single Sign-On (SSO) all targeted to solve the “password problems”. Read More→

Categories : Business Security, Computer & Network Security, Employee Security, General
Comments Comments Off
Jan
11

2012 – The Year of Cyber Espionage?

Posted by: | Comments Comments Off

Lucian Constantin’s recent article “Expect more cyber-espionage, sophisticated malware in ’12, experts say” states that cyber-attacks in 2012 will increase with more sophisticated malware. Certainly companies like MicroTrend, Symantec and others have their work cut out for them to eradicate these attacks once they are launched. But taking a step back, the question arises as to how malware is first getting into the networks.

Answer: employee’s carelessness.

Using social engineering attacks are still the best and cheapest way to distribute malware. Spam emails, phishing, spearfishing, etc., all utilize attachments that can hide the malware. It still is amazing that such an and old and simple method is still the most effective. An according to some experts, educating the employees about information security is a waste of time. I disagree since even if one person is helping by being educated and aware it is better than having none. But education alone is not the solution.

Technology applications, networks and operating systems have to incorporate security as one of their key design components. Stop the patching and all the backward compatibility design concerns and start create an entirely new OS from scratch. We don’t run DOS and Windows 98 anymore.

Software applications also need to incorporate high security standards like integration with multi-factor credentials. Using a smartcard that first authenticates the user to the card, then the card to the computer, then authenticates the card and server to each other, and finishes up with the user to the application can greatly improve a company’s security.

Public cloud services are still scary at best. Do you really know how and where your data is being stored? Plus, when some of the biggest public cloud companies are “sidestepping security” with protection clauses in their contracts should tell you something. Private clouds can have more security safeguards but it requires knowledgeable people to build and manage.

Security is only as strong as the weakest link and that link is the employee. I would wager that majority of the employee caused breaches are done through carelessness. Employees have to get their jobs done and will often circumvent security protocols so as to increase convenience and efficiencies. That is why any security plan has to take into account the user. Otherwise, corporate officers are lulled into a false sense of security. A 25-character random password that has to be changed every 7 days is super security but don’t be surprised when there is an increase in Post-it Note supplies because these passwords simply cannot be memorized by most employees.

Power LogOn® by Access Smart® has been delivering multi-factor authentication, smartcard-based password management solutions for years. Users are able to store multiple passwords on a single smart card, no passwords are ever stored with in a computer that others can access our hack, and when the card is removed from the computer no critical logon data is left behind on the computer. If the card is lost or stolen all the passwords are protect because the card authentication includes a limited number of false entries before it is locked and needs IT assistance. From the users perspective a lost card is easily recoverable without having to change all your passwords.

Power LogOn – The Password Manager Solution by Access Smart

Users passwords need to be de-centralized and always in the possession of the user. Power LogOn is being used by individuals, small businesses, and large enterprises. So don’t wait for Windows 8 to think you can securely manage your passwords. Implement today and protect your data. Complex passwords are recognized as the way to secure accounts. Power LogOn allows businesses to securely manage all those passwords and for IT to be put back in control of logon security.

Categories : Business Security, Computer & Network Security, Employee Security, General
Comments Comments Off
Jan
10

Protect Your Physical Data From Thieves

Posted by: | Comments Comments Off

How to Protect Your Physical Data From Thieves by Dovell BonnettWe are constantly hearing about cyber threats to our online security, and I think it is a sure bet that we can expect it to continue to happen. And while it is VERY important to be as educated about online security as possible (consider this an ongoing education, by the way!), you should also be very aware of how thieves can gain access to your physical data.

The theft of sensitive information from companies can happen in two ways: physical data breaches or online breaches of security. Physical identity theft refers to cases where the identity thief needs to get in close to their targets or to the information they are trying to obtain. Read More→

Categories : Business Security, Computer & Network Security, Employee Security
Comments Comments Off
« Previous Page
Next Page »

Follow Us!

Power LogOn Ad

Password Manager

Power LogOn

Security Providers

Security & ID Theft News

Here’s some of the latest security news

Pages

Security Providers

Archives

Who is ID Protection Expert?

We are made up of different security and business professional who deal with security issues and products. Our goal is to help business owners and executive understand the many new changes and laws imposed on businesses to protect against data breaches, what a data breach can cost, what constitutes a breach and what can be done to protect against a breach.

Disclaimer: No technology, policy or service will prevent a breach from ever happening and anyone that claims they can is misrepresenting the facts. Security has to be thought of from a holistic perspective and how all the individual components can be tied together to create a central protective shield.

UA-2655354-4