Friday, August 29, 2014
So, a bunch of US financial institutes have been hacked. Nothing new there, if we are being brutally honest. The newsworthyness in this particular case comes courtesy of one of those organisations apparently being none other than JP Morgan Chase. USA Today reported yesterday that a federal law enforcement official had told the media outlet, unofficially, that Russian hackers were behind the series of breaches which resulted in the loss of "sensitive data." JP Morgan Chase did not confirmed the accuracy of the report, but a spokesperson did tell USA Today that it uses "multiple layers of defense to counteract any threats" and "constantly monitor fraud levels." Which is about as helpful as a bucket of mud to clean the floor with. The FBI were a little more forthcoming, admitting that it is working with the secret service in order to determine the scope of "cyber attacks against several American financial institutions." So what do we know about what happened? The answer, as you might have expected by now, is very little. That hasn't stopped the security industry from lining up to provide DaniWeb with some guesses though.
Thursday, August 28, 2014
I'm not playing Buzzword Bingo this week, but I am going to mention BYOD (or Bring Your Own Device, if you prefer) and - as enterprises around the globe will testify - plenty of people do. The explosion in using consumer devices in the workplace should not have caught anyone by surprise. When such devices catch up with, and in many cases surpass, business kit in terms of sheer power, flexibility and cost, then BYOD becomes a no-brainer. This is a good phrase, as it also sums up what appears at first glance to be some very worrying security news that broke this time last week.
Wednesday, August 27, 2014
Bring Your Own Device (BYOD) in its many forms is fast becoming a fact of business life. Many decision makers and IT departments might not like it, but, regardless, they cannot afford to ignore it. Staff will bring their own devices into the enterprise, and they will throw data on the move into their preferred cloud store. Stopping it is difficult, nigh on impossible, but mitigating the risks involved isn't.
Monday, August 25, 2014
The average enterprise subscribes to the services of at least three cloud vendors, according to research by iland. Even allowing for departmental-level fragmentation being involved, this rather suggests that there must be good business reasons for having more than one cloud service provider. But, how do you strike the balance between not having enough cloud service providers at your disposal and having too many?
There's a truism that I like to share with as many people as possible: if you don't want other people to see something, then don't post it online. It is, you might think, a pretty simple concept to grasp. After all, you wouldn't stroll into a bar with a megaphone and yell "I'm not wearing underwear" if you wanted to keep that secret would you? But would you write that fact down on small pieces of paper and slip them unnoticed into the pockets of people in that bar if you wanted to reveal all (please excuse the unfortunate choice of phrase) without revealing your identity? In a nutshell, that's what apps such as Secret promise to do; but such a promise of anonymity is always going to be hard to deliver.
Monday, August 18, 2014
The statistics for cybercrime, online fraud and data theft make for disturbing reading. The Federation of Small Businesses (FSB) reckons the cost to each business is £4,000 per year, with around a third of FSB members falling victim to online crimes such as malware infections, hacking attacks or full-on data breaches. For the small- to medium-sized-business (SMB) owner especially, the impact of such attacks go beyond the immediate financial loss and disruption to the daily working schedule – there’s the loss of reputation and customer trust to factor in, too. Despite this, it’s SMBs that have the most difficulty finding affordable and doable security measures. This can lead to substandard protection or – worse still – no security at all. To help solve the problem, here are ten simple ways to make your business more secure.
Saturday, August 16, 2014
SuperValu has confirmed that is has, indeed, suffered a data breach. The supermarket company stated that what it calls a "criminal intrusion into the portion of its computer network that processes payment card transactions for some of its retail food stores, including some of its associated stand-alone liquor stores" may have resulted in "the theft of account numbers, and in some cases also the expiration date, other numerical information and/or the cardholder’s name, from payment cards used at some point of sale systems at some of the Company’s owned and franchised stores."
Monday, August 11, 2014
Thursday, August 07, 2014
An interesting post appeared yesterday in the official Google Online Security and Webmaster Central blogs which confirms that in an effort to "make the Internet safer" it has been testing a system which looks at "whether sites use secure, encrypted connections as a signal in our search ranking algorithms." This follows calls for HTTPS everywhere at the recent Google I/O a few months back. Google says is has seen positive results, and is now actually using HTTPS as a ranking signal albeit a "very lightweight" one which only impacts