“Formerly the exclusive domain of IT, information security is now a mainstream issue, as major retailers and government agencies have suffered data breaches, denials of service and destructive intrusions. Millions of individuals have been affected, and organizations are now forced to devote more resources to prevention and remediation. Everyone in the information chain, from consumers to CEOs, has become acutely aware of the hazards of failing to protect information.”
The theme of the first quarter of 2015 seems to be Information security and who carries the responsibility for providing it to Internet users. Last year’s breaches continue to remind us that our Identity and Internet security are ALWAYS at risk. But until we get breached, hacked, or have our identity stolen, we still don’t pay attention.
via Information security goes mainstream – KMWorld Magazine.
Thanks to KMWorld Magazine
Thanks to everyone who pitched-in to support this important legislation.
But it isn’t over. The Internet continues to be the vast Wild West of the 21st Century. And until it is tamed, it will continue to be frought with danger, scary places, and unscrupulous bad guys.
Net Neutrality Vote Thursday February 26, 2015
Thanks to our friends at Transition IT
HIPAA – Health Insurance Portability and Accountability Act of 1996 – protects your identity and healthcare data that is kept (or shared) by your healthcare providers themselves, not online web services that provide unverified health tips and information.
How nine out of ten healthcare pages leak private data | Naked Security.
Thanks to Naked Security
“In November, Gartner predicted 4.9 billion devices would be Internet-connected in 2015. Securing those devices however remains a challenge that consumers, IT departments and vendors will have to face. This is particularly true when it comes to the subject of authentication, and according to Gartner analyst Earl Perkins, current IAM solutions cannot meet the scale or complexity that IoT demands of the enterprise.”
via IoT Requires Changes From Identity and Access Management Space: Gartner | SecurityWeek.Com.
Thanks to : Gartner and SecurityWeek.Com
For those of you who don’t know that there are actual rules and policies that govern the organization and implementation of security policies within large organizations, let me introduce ISO 27001.
Now, mind you, these policies and their implementation don’t guarantee that any large organization will be able to prevent or eliminate breaches, intrusions, or compromises of their data. But they do go a long way toward improving the information and data security climate.
Information Security Policy – How to structure the document(s) | 27001Academy.
Thanks to 27001 Academy
We read these “revelations” as if they were news. In fact they continue to be old news as the NSA and other agencies charged with the National Security and other global responsibilities get “found out”.
Internet privacy and security demand rigorous and crafty methods to stay abreast of the individuals and governments bent on threatening innocent iPad owners.
Are you surprised?
Russian researchers expose breakthrough in U.S. spying program | Reuters.
Thanks to Reuters
Looks like more of the same – Cybercrime and dirty tricks on the Internet.
It seems as if all good things come with baggage. In this case, its the natural consequence of freedom and ir-responsibility. Did we really think that free and open means honest and forthright?
BBC News – Cyber-security experts judge ‘$1bn bank hack’ report.
Thanks to The BBC
Passwords continue to be the least secure point of entry into any of the computing devices that we use. The two biggest problems are the use of simplistic, easily predictable passwords like 123456 and asdfgh and the “cookies” on devices that store passwords in plain text just waiting for a sneak attack.
So the White House goal is enviable, but we are waiting patiently to hear the remedy.
White House goal: Kill the password | TheHill.
Thanks to The Hill
“IBM researchers announced plans for a cloud-based technology that holds potential to help consumers better protect online personal data, including date of birth, home address and credit card numbers.
Clled Identity Mixer, it uses a cryptographic algorithm to encrypt the certified identity attributes of a user, such as their age, nationality, address and credit card number in a way that allows the user to reveal only selected pieces to third parties.
Identity Mixer can be used within a digital wallet, which contains credentials certified by a trusted third party, such as a government-issued electronic identity card. It’s important to note that the issuer of the credentials has no knowledge of how and when they are being used.”
We continue to experiment and work to get the identity thing right – once and for all. But identity security continues to be a slippery idea, given the millions of devices and trillions of transactions every day!
IBM’s plans to fix personal identity security crisis – Computer Business Review.
Thanks to Computer Business Review
We do this three or four times a year and it seems to be working. According to SplashData the use of “bad” passwords is down about 8.5% in the last year. That means that nearly 9 out of 100 people DONT ise 123456 or 12345678 as their passwords any longer.
We’re making some headway – those of us who truly believe that privacy is important
Safe Password Practices.
Thanks to CSID