Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

A Found USB Drive Is Not a Safe USB Drive

By · Comments Comments Off on A Found USB Drive Is Not a Safe USB Drive

A Found USB Drive is Not a Safe USB Drive by Dovell BonnettRecently, I was told of an incident where an employee of a fairly large company spotted a USB stick on the pavement in the parking garage. Concerned that it might be important information of a colleague, the employee picks up the stick and takes it back to his office. To determine who is the owner, the employee inserts the drive into his computer and opens up the folders thinking that its contents will identify the owner. Read More→

Comments Comments Off on A Found USB Drive Is Not a Safe USB Drive

Keep Your Enemies Close, but Your Friends Closer

By · Comments Comments Off on Keep Your Enemies Close, but Your Friends Closer

Our government seems to have problems securing both our physical and virtual boarders. It seems that when it comes to cyber security all the old paradigms have turned upside down. In the recent article “Indian Intelligence Have U.S. Government Passwords, Hacker Claim” has proof that the Indian intelligence is spying on the US government. One of the main culprits for accessing government data files is weak passwords. Power LogOn by Access Smart can take an existing PIV/CAC card and add on secure password management without any re-badging or re-issuance of cards, employees can self-enroll from their office, and licenses are transferable to handle employee turnover. With the purchase of the Power LogOn Starter Kit for $400, IT can perform a complete test/pilot in a matter of hours and not months/years. To learn more about extending your current government credential, please see our post “Why rebadge when you can extend functions?”

Comments Comments Off on Keep Your Enemies Close, but Your Friends Closer

Bogus Purchase Receipts In Your Email Box

By · Comments Comments Off on Bogus Purchase Receipts In Your Email Box

Bogus Purchase Receipts in Your Email Box by Dovell Bonnett | Access-Smart.comAs we do more online business and commerce, we expect to receive a receipt for our purchases: Amazon, iTunes, etc.

Online thieves and spammers know this too and they are spamming us with bogus receipts with a high dollar amount just to catch your attention. A key clue that it is a scam is when you move your mouse cursor over the link, if you don’t recognize the web address displayed then odds are it is a phishing email. Don’t fall for the scam and certainly don’t click on the links.

Here are some tips to protect you: Read More→

Comments Comments Off on Bogus Purchase Receipts In Your Email Box

Preventing Physical Identity Theft

By · Comments Comments Off on Preventing Physical Identity Theft

Source: Online Identity Theft Protection for Dummies by Dovell Bonnett

“Online Identity Theft Protection for Dummies” was written by Access Smart’s CEO Dovell Bonnett to teach companies and individuals best practices for protection against online identity theft. Physical identity theft occurs when thieves come in close contact with their victims or the information they’re stealing. for example, Thieves may engage in dumpster diving, where they look through garbage, or literally dumpsters. to find papers with account numbers, addresses, name of family members, Social Security Numbers, drivers license numbers, or anything else that identified an individual.

Are you sure you shredded last year’s bank statements? How about all that junk mail you tossed – no credit card offers in there, where there? If you are responsible for a corporate or small company, how likely is your administrative staff to shred or archive – NOT toss – sensitive documents?

Thieves will steal outgoing or incoming mail from your mailbox. They may also call you on the phone and pose as a company representative who needs to update their company’s files. If this happens, insist on returning their call and see how quickly they hang up on you!

You don’t even have to be the thief’s direct target when it comes to them trying to get to your information. They may go to a neighbor, friend, spouse, child, employer, or even pose as another company to get the information they seek.

The following is a list of other ways to for someone to physically steal your identity:

  • Card skimming. Using a storage device to record your credit card or ATM magnetic stripe. When you hand your credit card to someone (think waiters) who then takes it away to process, it has now left your control and you have no idea what is actually being done with it while it is out of your possession.
  • Computer theft. Stealing laptop or desktop computers with unprotected files has been active in the news, especially for companies and medical professionals. Individuals also store unprotected bank records, old electronic tax returns, stock portfolios, and other account information on their computers’ hard drives.
  • Desktop snooping. The thief literally sits at your desk and rummages around looking for notes, sticky notes, pieces of paper, books, or anywhere you may have jotted down your passwords. So what is under your desk pad? Or on that sticky note in your top drawer?
  • Dumpster diving. A person goes through another person’s or company’s trash looking for documents, cancelled checks, bank statements, employee records, addresses, pre-approved credit card applications and so much more.
  • Fake ATM’s. What looks like an actual ATM machine is in reality a computer that record your PIN, copy all your magnetic stripe material, and then give the card back stating that the network is busy or out of service. The user then takes his/her card back and thanks nothing of it as he travels down the road looking for a working ATM.
  • Filing a “Change of Address: form. The thief contacts a bank, post office, or utility company to put n a change of address request. This diverts your mail or statements to a new address that allows the thief access to your personal informaition until you actually realize that you are not getting your statements.
  • Home/office burglary. Thieves break into a house or office to steal important papers, files and computers along with the easy to sell electronics, cash and jewelry. By making it look like a normal burglary, the identity thieves are obscuring the true purpose of the break-in, which is to obtain your personal identifying information.
  • Postal mail theft. Stealing outgoing or incoming mail from a street-side mailbox. That red flat sticking up signaling that mail is in the box is not just letting your postal carrier know that there is mail in there. You are also letting thieve know that you are probably paying bills and they now have access to account numbers and your checking info if you are paying by check.
  • Over-the-shoulder-surfing. Someone you know looks over your should while you type a password. This can be coworkers, friends and family members.
  • Phone pretexting. Someone will call pretending to be from a legitimate company claiming that they need to update their records. Most people, recognizing that they do indeed do business with this company will give out their personal information without hesitation. Again, insist on calling them back.
  • Purse and wallet theft. Pick pockets and purse snatchers are as active as ever due to all the important personal information that we keep in our wallets and purses. It is a very BAD idea to keep your Social Security card in your wallet!
  • Social engineering attacks. Posing as a landlord, employer, or someone else who has legal, authorized access to your personal information. People all to often give out personal information to someone who looks authoritative and legitimate.

People are becoming increasingly aware of how physical identify theft occurs and are taking precautions such as shredding bills and other documents, renting post office box rather than leaving their mail at the curb and refusing to engage with telemarketers.  As a result, identity thieves are looking for, and finding, other ways to obtain your personal information.  The targets now are your computer, zip drives and of course, the internet.

For more information about how to safeguard your critical information, please order your FREE copy of Online Identity Theft Protection for Dummies.

Comments Comments Off on Preventing Physical Identity Theft

Corporate Network Security Technology Comparison

By · Comments Comments Off on Corporate Network Security Technology Comparison

A few years ago, many of us had only a few passwords to remember. Today, we have dozens. Corporate networks have become virtually impossible to use today without passwords. On top of this, “IT’s best security practice” requires that employees change passwords frequently and use long, complex passwords. Unfortunately, this has encouraged poor password management habits that lead to security breaches, privacy violations and huge fines.

IT managers have a host of secure, authentication technologies available to safeguard corporate networks. Alongside Smartcard-based Password Managers are One-Time Password (OTP), Certificate-based Logon (PKI), and server-based Single Sign-On (SSO) all targeted to solve the “password problems”. Read More→

Comments Comments Off on Corporate Network Security Technology Comparison