If you rewind the clock back 50 years, the rich were those who had a big bankroll in their pocket. This was before most of us had credit cards. Debit cards were a nice idea and the concept of PayPal was a pipe dream. Fast forward to 2013 and we all know that money is still power, but getting your hands on sensitive data seems to be the way to riches.
Of course stealing secrets is nothing new. The Romans were some of the first to invent rudimentary forms of encryption to send battle plans safely between troops. If you are a spy fan, everything from James Bond, to Get Smart, to the latest television show The Americans, shows how important stealing secrets can be.
Read the rest of this entry »
eDocument Sciences joined with Fasoo.com and its partners ACT Solutions, Brite Computers, Ricoh and Toshiba this year at the RSA Conference 2013 in San Francisco. The booth was very busy with a lot of customers interested in ways to protect the most important information in their businesses. This years themes focused on protecting data from mobile up to the cloud. Fasoo had a lot of new graphics in the booth and some interactive demos and videos showing just how to stop data breaches and keep your business safe.
Just like last year, the talk of the floor was about all the unauthorized intrusions and hacking going on as more sophisticated attacks continue from governments and rogue organizations. Stealing medical information has become very big business as discussed in a few of the sessions. Just in the last few days, Evernote was added to the list of high profile attacks as hackers stole email addresses and passwords. While there is still a lot of talk about perimeter security solutions, a lot of companies are realizing that they need to worry more about their data and not the perimeter. If you build a higher wall, the bad guys will just bring a taller ladder.
Read the rest of this entry »
Today Fasoo launched DigitalQuick, its new beta cloud security service. This is very timely with all the recent news about cyber espionage and hacking by the Chinese army. Sophisticated computer hacking makes all of us more vulnerable to data breaches and theft of our intellectual property.
These hacking stories make me realize that no one is immune. Stories about cyber espionage focus on either stealing corporate secrets or infiltrating government or infrastructure systems. The Chinese hackers seem to be targeting companies and trying to steal intellectual property. This information is typically sitting in documents on desktops, servers, mobile devices and in the cloud.
Read the rest of this entry »
Today, SafeNet released the State of the Data Breach survey which surveyed hundreds of U.S. enterprise security professionals. The survey asked for views on current information security measures and how likely their organization would suffer a data breach. About 2/3 of respondents said they will be the victim of a data breach in the next 3 years.
This is not a surprising finding since large and small organizations alike are getting breached. There are the big ones that make all the headlines, like LinkedIn, Twitter and Zappos. But just in the last month there were some significant data breaches, like one at the Florida Department of Juvenile Justice. In this case a mobile device was lost or stolen with 100,000 records containing personally identifiable information (PII). The lesson is that you are not too small to be a target.
Another interesting finding from the report was that most organizations are still using the same technologies to prevent data breaches and network intrusions. This seems counterintuitive. If I’m using something and it’s not working, why continue to use it?
Read the rest of this entry »
With the recent revelations that Chinese hackers infiltrated both The New York Times and The Wall Street Journal, I thought it was time to look into password security again. The hackers were monitoring the newspaper’s China coverage and wanted to know what reporters were involved.
The hackers were after employee passwords so they could access email accounts and other resources. Both organizations claimed they only accessed emails and there was no further damage, but only time will tell.
I haven’t seen any reports on how simple or complex the passwords were, but if the reporters are like most of us, they probably had something that could be cracked with a simple dictionary attack. Last month I wrote about reviewing passwords and making sure you have a bit of complexity in them. The key thing is the length of your password and using characters that aren’t in a dictionary.
Read the rest of this entry »
