Posted by Kalyani M. on Mar 27, 2014
The recent major data breach at Target has been an eye-opener that showed how malware infected Point-Of-Sale (PoS) devices can be exploited to gather huge amounts of credit and debit card data. Malware attacks are on the rise these days. The reason why most of these attacks are successful is because most of the malware being used is new and unknown, and no defense mechanisms are in place to counter it. Another new form of malware, called Ploutus, is targeting ATM machines and allowing cyber criminals access cash. In order to install this malware, the hacker needs to be able to physically access the ATM machine. Therefore, in the majority of cases it is seen that standalone ATM machines, especially the ones in convenience stores, become victims of data breaches. The ATM machines in banks are usually more secure than standalone ATM machines, and have a heavy physical shield protecting them from unauthorized access.
Posted by Kalyani M. on Mar 25, 2014
In our modern day and age, many enterprises are embracing cloud computing. However, one of the major concerns regarding cloud computing has always been security. Encryption in cloud computing is still in a state of flux and infancy. Some vendors provide encryption, while others don’t. There are different kinds of encryption schemes for securing data in the cloud, sometimes integrated within a system. Whenever a company decides it move its applications to the cloud, it considers several pros and cons before doing so. These are some of the questions that come to our minds before storing our data in the cloud- How the data is protected? Can we encrypt the data? How the encryption keys are managed? Who will have access to those keys?
The goal of encryption is to ensure that data stored in the cloud is protected against unauthorized access. Access to sensitive user data by third parties is a violation of privacy, and should never occur. In the light of PRISM revelations and major data breaches, like the recent Target breach, it is extremely important for enterprises to bolster cloud security. The surveillance programs by the U.S government have raised security concerns among many people. One of the things that worries end users the most is possible access to their personal data by parties without their knowledge or permission. Even globally, companies outside of U.S. have expressed security and privacy concerns regarding U.S.-based cloud companies. In order to restore the trust of their customers, companies need to take strides to strengthen their cloud security practices.
Posted by Kalyani M. on Mar 20, 2014
The PRISM revelations have made us more aware and proactive regarding maintaining our privacy in the electronic medium. The NSA has left no stone unturned to monitor and gather millions of user data. They have circumvented almost every security control on the Internet for bulk data collection. When it is not possible for them to break into the system, they provide legal notice to companies to access sensitive user information. In such a situation, how can we expect to maintain the security of our data? How can businesses retain the trust of their consumers that their data is safe from surveillance?
Recently, Edward Snowden spoke at the Southwest Interactive technology festival in Austin via satellite video, regarding the importance of encryption for data privacy. He said encryption works if it is implemented properly. This practice has time and again proved to be one of the most effective ways of protecting data. Snowden emphasized that encryption should not only be implemented by businesses, but active research and analysis should also be done on this security control at an academic level. The best method is end-to-end encryption. It ensures complete security of data against unauthorized access. However, often times it is seen that end-to-end encryption is not implemented in mainstream commercial products. Across the majority of the Internet, online companies are hesitant to implement end-to-end encryptions in their products.
Posted by Kalyani M. on Mar 18, 2014
Cloud computing is attracting many enterprises because of its easy deployment, cost effectiveness, and flexibility. One of the major advantages of cloud computing is its disaster recovery approach. With this system, enterprises have a cost effective disaster recovery plan in place, and do not have to worry about deployment and maintenance of IT infrastructure or resources for disaster recovery. Cloud computing gives a completely different approach to disaster recovery. In this approach, the operating system, data and applications are integrated into a single software bundle or virtual server. This virtual server can be easily copied and backed up on an off-site data center within minutes. In comparison to the conventional disaster recovery approaches, this is extremely beneficial because it is hardware independent and therefore it is easy to transfer information from one data center to another without the burden of installing every component of the server. Cloud-based disaster recovery approach is extremely cost effective and dramatically reduces recovery time compared to traditional approaches.
Posted by Kalyani M. on Mar 13, 2014
When it comes to enacting new protections and punishments for massive data breaches, like the sort recently suffered by Target stores, Congress and credit unions are joining forces to fight back. Data theft threatens virtually every industry, from online gambling and alternate currencies like Bitcoin, to established healthcare providers and insurance companies. So when it comes to protecting customer data, everyone has a hand to play and a vested interest in the outcome. Major credit unions and their representatives are pushing for stronger penalties for data breaches so that they won’t have to keep recouping the costs of identity theft that is most often the direct result of such breaches. And congressional leaders are forging ahead to enact tougher laws and disclosure requirements to take advantage of the public’s wave of frustration over lost credit card information. While pushing for strong legislation is definitely a great step towards stronger universal data security standards and consumer protections, enterprises shouldn’t wait around for Congress to decide on a final plan. Instead, proactive businesses should stay ahead of the curve while gaining fierce brand loyalty by keeping consumer data private and anonymous through secure cloud storage and sync solutions.
Posted by Kalyani M. on Mar 11, 2014
Enterprises have scrambled to stay ahead of new regulations brought about by the Affordable Care Act, otherwise known as ObamaCare. The healthcare industry, however, is the most directly impacted by the law, as healthcare providers and insurance companies must prepare for an influx of new patients and a more widely insured populace. But as the insurance pool broadens, risk will be compounded as medical records and sensitive data becomes a brighter target for hacking and leaks. The best way to protect medical data in this new era of mandatory health insurance is through secure cloud storage and sync services that offer 100% data privacy and user anonymity. Anything less than full data privacy and security for medical records could result in damaged brands, exploited information, and increasingly costly HIPAA fines.
Posted by Kalyani M. on Mar 6, 2014
For many enterprises, security has become a chief concern in the light of hacking, the spread of malware, and international cyber wars. The latest in the litany of worries over data safety comes from news of 300,000 compromised routers. While many enterprises operate on a much bigger scale than the small office and home office (SOHO) routers that were recently attacked, the growing popularity of enabling mobile workforce and work from home policies jeopardizes sensitive company data, due to the relative insecurity of such commonly used routers. Instead of scaling back worker mobility, enterprises can still take advantage of on-the-go work and work from home solutions by securing important corporate and consumer data in a private cloud service.
Posted by Kalyani M. on Mar 4, 2014
For tech-savvy early adopters and enterprises seeking to stay ahead of technological innovations, Bitcoin has been presented as if it were a digital gold mine. This decentralized digital currency works through value transfers that are not yet regulated by any country, corporation, or bank. Bitcoin isn’t backed up by solid assets, so value tends to fluctuate with user investment, jumping from $150USD to $1,000USD in just a matter of months. While many enterprises have stayed away from Bitcoin use or investment until the legal issues are all cleared up, those that want to stay ahead of the curve can still take advantage of the currency while keeping their assets safe through private key storage and sync with a secure cloud service.
Posted by Kalyani M. on Feb 27, 2014
In the wake of the stunning data breach suffered by Target late last year, proactive enterprises have already started to draft and enact better security standards to protect corporate and customer data. Such data breaches irreversibly tarnish brands by establishing a bad corporate reputation and losing consumer trust that can be incredibly hard to earn back. Congress has started to discuss legislation that would provide a federal security standard along with consumer protections, but instead of waiting around for legislation that must be responded to, the best enterprises will leverage technology in their favor by seeking out fully secure solutions to data storage and syncing. Being able to proactively protect data not only offers peace of mind, but also allows enterprises to market themselves as fierce defenders of their consumers’ privacy, earning lifelong trust and better branding.
Posted by Kalyani M. on Feb 25, 2014
Millennials are typically seen as the go-to generation for all things tech-related. So it may come as a big surprise that recent surveys indicate that lax generational views toward data security could jeopardize the safety of your enterprise’s data. This flies in the face of the recent trend of reverse mentoring, in which younger workers share their tech habits to older workers. When it comes to bad habits, such practices could cause entire organizations to adopt unsafe data storage and syncing techniques, leaving sensitive corporate information open to attack or leakage.
The best way to protect such data is through strong internal systems and the adoption of secure storage and sync services. A recent survey put out by Softchoice is changing the way enterprises view their Millennial workers. According to the research, 28.5% of 20-somethings have their passwords kept in plain sight. This is in comparison with 10.8% of Baby Boomers. So it’s clear that the common wisdom that younger generations are inherently more data-secure falls flat on its face. The survey also found that the lack of secure password storage went hand in hand with syncing sensitive files to unprotected devices for the convenience of working from home. As Millennials are more likely than other generations to push for mobile or work-from-home options, companies need to find secure solutions to handle this trend without putting their data at risk.