Archive for July, 2010

h1

Do You Know Who’s Watching You?

July 29, 2010

Source: Infographic byWordStream Internet Marketing

h1

New Approach to Cyber Security: NYU-Poly Educates Engineers to Think Like Policy Makers and Psychologists to Protect Cyberspace

July 28, 2010

The Polytechnic Institute of New York University (NYU-Poly) will launch an innovative graduate program to educate scientists and engineers to address the increasingly complex issues surrounding information security and privacy. A $2.85 million award from the National Science Foundation’s flagship interdisciplinary training initiative, Integrated Graduate Education and Research Traineeship (IGERT), funds the program.

“Traditionally, engineers are taught to evaluate projects by technical standards alone, a narrow approach that is out of touch with today’s connected society,” said the initiative’s team leader, Nasir Memon, professor in the Department of Science and Engineering and director of the Information Systems and Internet Security Lab. “For the scientists of tomorrow, social context will be a critical aspect of innovation.”

Called INSPIRE (Information Security and Privacy): An Interdisciplinary Research and Education Program, the program will address the shortage of scientists and engineers versed in the interplay between information security and economics, psychology, public policy and law. INSPIRE graduates will be able to apply their understanding of these fields to develop technology solutions attuned to an increasing dependence on trustworthy information systems.

Read More

Ready for a Private and Secure Online Workspace – GoSecure

h1

Dealing with Security Threats to Your Startup

July 26, 2010

Even if your startup’s security doesn’t quite rise to the level of military intelligence and classified information, you do need to pay attention to security issues. The stakes are higher than just the damage to your reputation if it turns out your CTO has friended the next “Robin Sage” on Facebook.

According to secure web hosting providers FireHost, over 17,000 websites are hacked a day, and it’s no longer just governmental agencies that are the targets. So if your business relies on its website – whether for e-commerce or just online presence, then you should take steps to secure it – to both human and technical vulnerabilities.

When choosing a hosting provider, says FireHost CEO Chris Drake, many folks look for the statistics around up-time and performance. But security provisions need to be taken into consideration as well. After all, if your business relies on website up-time and performance, a security breach can cause as much damage – if not more – than your host provider simply going down. Fines for leaked credit card information, for example, might run upwards of $200 per affected consumer and the damage to your finances, let alone your brand, could easily ruin your business.

You might want to bookmark FireHost’s list of steps to take if your website is hacked:

• Step 1 Announce and assess the breach
• Step 2 Conduct a deeper investigation
• Step 3 Notify affected individuals and organizations and begin remediation
• Step 4 Re-launch
• Step 5 Communicate the resolution publicly and to affected parties
• Step 6 Take steps to remediate vulnerabilities and prevent a future breach

But an ounce of prevention, as the saying goes, is worth a pound of cure. And Drake recommends taking steps to prevent security crises before they happen.

Read More

Ready for a Private and Secure Online Workspace – GoSecure

h1

Wal-Mart Radio Tags to Track Clothing- has privacy advocates raising questions.

July 23, 2010

Wal- Mart’s latest attempt to use its influence—executives call it the start of a “next-generation Wal-Mart”—has privacy advocates raising questions.

While the radio tags can be removed from clothing and packages, they can’t be turned off, and they are trackable. Some privacy advocates hypothesize that unscrupulous marketers or criminals will be able to drive by consumers’ homes and scan their garbage to discover what they have recently bought.

They also worry that retailers will be able to scan customers who carry new types of personal ID cards as they walk through a store, without their knowledge. Several states, including Washington and New York, have begun issuing enhanced driver’s licenses that contain radio- frequency tags with unique ID numbers, to make border crossings easier for frequent travelers.

Some privacy advocates contend that retailers could theoretically scan people with such licenses as they make purchases, combine the info with their credit card data, and then know the person’s identity the next time they stepped into the store.

“There are two things you really don’t want to tag, clothing and identity documents, and ironically that’s where we are seeing adoption,” said Katherine Albrecht, founder of a group called Consumers Against Supermarket Privacy Invasion and Numbering and author of a book called “Spychips” that argues against RFID technology. “The inventory guys may be in the dark about this, but there are a lot of corporate marketers who are interested in tracking people as they walk sales floors.”

Read More

Ready for a Private and Secure Online Workspace – GoSecure

h1

The Dangers of Friending Strangers: the Robin Sage Experiment

July 22, 2010

Adding tons of Facebook friends doesn’t necessarily make you popular; it may actually put you and the Defense Department (DoD)’s information security at risk—especially when you have friends you don’t even know. Provide Security, a cyber security company, illustrated this danger with the Robin Sage Experiment. The experiment created fake Facebook, Twitter and LinkedIn profiles under the alias, “Robin Sage.” A photo of a cute girl (borrowed from an adult website) and the job title “Cyber Threat Analyst” completed the fake profiles.

From there, Thomas Ryan, co-founder & managing partner at Provide Security, posing as Robin, sent requests and established social network connections with more than 300 professionals in the National Security Agency, DoD, and Global 500 corporations. Robin’s new friends revealed information to Ryan that violated military operational security and personal security restrictions. “The worst compromises of operational security I had were troops discussing their locations and what time helicopters were taking off,” Ryan said during a phone conversation.

People also sought Robin’s professional advice, invited her to dinners, and offered her job opportunities. Not bad in this economy, especially for a person who doesn’t even exist. “From one person I was profiling, I was able to get all the security questions for their email and bank account,” Ryan said. “These are questions like ‘what was your first car’?”

According to DoD’s directive-type memorandum concerning social media and Internet capabilities, it is the responsibility of military leaders on all levels to ensure the safety of DoD and personal information.

All service members are instructed to beware of operational security when using communications such as telephone lines and e-mail; however, service members need to remember that information posted through social media should be regulated the same way, despite the casual feel of many of these sites.

Read More

Ready for a Private and Secure Online Workspace – GoSecure

h1

What the Government Has Learned From Cloud Computing: Talking With Tarak Modi

July 21, 2010

Listen to a podcast with Tarak Modi, Vice President and CTO of CALIBRE Systems. Tarak is an industry thought leader in IT transformation and modernization technology such as enterprise architecture, SOA and cloud computing, and in this podcast, we check in once again about what’s going on with cloud computing and the government.

Listen to or download the 12:18 minute podcast

Ready for a Private and Secure Online Workspace – GoSecure

h1

New “reform” law destroys financial privacy

July 21, 2010

Hallelujia! We’ll now have another “Reform!” law — this one designed to “reform” our “financial services” industry to prevent any further meltdowns such as that which struck in 2008 and continues to cripple segments of our economy two years later. The president himself could hardly contain his hyperbole in describing the legislation he is today set to sign into law; he calls it “innovative” and “creative.” Yet, lurking within its hundreds of pages of fine print, are provisions that will essentially destroy what little financial privacy remains for virtually every consumer of financial services in the country. In that respect, yes, the legislation certainly is ”creative”; but that is one kind of creativity we can do without.

But it’s really too late. Thanks to this financial services “reform” law, federal bureaucrats will have ready access to virtually every financial transaction that will take place in the country — from the largest bank acquisition to the smallest ATM withdrawal. The guise under which federal regulators will be able to gather and data-base such detailed financial transaction information will be the responsibility given them in this new law to ensure that every “financial product or service” is “fair, transparent and competitive.” And, of course, the reasoning goes, in order for the government to figure out if the system is running “fairly, transparently and competitively,” it has to be able to monitor all the myriad services and transactions which banks and other financial services entities offer.

Does it give you a warm, fuzzy feeling knowing that your private financial transactions will be collected by a new “Bureau of Consumer Financial Protection?”

Read More

Ready for a Private and Secure Online Workspace – GoSecure