There has to be a better way

IT Security Insider



Top Stories

Vancouver-based ENC Security Systems, which is supposed to make "un-hackable" Encrypt Stick flash drive software, has released an Encrypt Stick 5.0 Private Browser, a digital privacy browser that it claims is the safest way to browse the Internet. Its timing couldn't be better: the Federal Trade Commission is now backing the development of a Do-Not-Track system for the web, which has the online ad people worried about their $23 billion sector and claiming it will mean the end of free content, and Firefox is revisiting a Do-Not-Track mechanism after Mozilla, pressured by an ad exec, killed such a tool a few months ago for fear Madison Avenue would come up with something sneakier, the Wall Street Journal says. Anyway, the Encrypt Stick Private Browser runs from the user's flash drive and applies polymorphic encryption, which creates unique encryption algorithms ... (more)

Lessons Learned from LinkedIn

Users are making it too easy for hackers. If we take a closer look at the 6.5 million hashed LinkedIn passwords that leaked, we find a large swath of the user population is ignoring warnings about overly simplistic and obvious passwords. Would you believe the most common word or phrase found in a 160K sampling of the list was “link”? And would you further shake your head in disbelief that “1234” and “12345” followed close behind? Rounding out the top 10 were “work,” “god,” “job,” “angel,” “the,” “ilove,” and “sex.” More so than Facebook, LinkedIn is the social media of choice for bu... (more)

Enhance Your Security Posture

With this post I would like to provide some personal thoughts on the key things organizations should be doing to enhance security, privacy and functionality of their IT. This includes some specific recommendations for security solutions, including solutions I’m on advisory boards for (read the disclaimer). So I better caveat this by saying “please use your own judgement!” I associate myself with firms because I believe they are world class best and that is why I’ve mentioned the specific capabilities here. With that, here are my views of the top five things every government ... (more)

Cyber Security Alliance Helps Small Businesses Address Security Risks

Across all industries, small businesses are increasingly facing new threats related to cyber security. Some have taken minimum steps to address these threats, but most have not. New security threats and incidents are reported every day in news reports, and many remain unreported. This underscores the need for cyber security education of small business owners and managers. These threats have potentially serious consequences and could lead to unrecoverable damage to small businesses. What are some consequences of the lack of basic cyber security controls? Loss or stolen cus... (more)

Preventive Security Through Behavior Modification - Part 2

Last week, we saw that Defensive Security is not enough to solve the $1 trillion Intellectual Property and IT theft and cybercrime problem. This week, more about Preventive Security. Preventive Security is a set of technologies and processes used to prevent security incidents from even being attempted. These include awareness and training programs, establishment of proper policies and procedures and the use of technology solutions in support of existing laws. In fact, this is not very different from "regular" crime and how we deal with it. We arm ourselves with the means to catch ... (more)

Microsoft Accuses Salesforce Recruit of Stealing Its Cloud Computing Plans

Remember that Microsoft guy that Salesforce hired, the one that Microsoft sued to hold him to his non-compete? Well, last Thursday Microsoft told the Washington State Superior Court that gave Microsoft its temporary restraining order a few weeks ago that Matt Miszewski, who Salesforce hired to run its global CRM government business, the same job he had at Microsoft, had stolen its cloud plans. It said it found Miszewski in possession of 25,000 pages of its closely held 2011 sales strategies, internal playbooks, competitive analyses and marketing materials during discovery and tha... (more)