By ADuch -
Many companies in 2011 have been hit by high-level attacks and breaches by malicious hackers. How are these organizations being targeted, and how are hackers penetrating their networks? It all starts with a lack of security awareness by individuals at a company.
According to a recent Computer Weekly article, Lieberman Software surveyed 300 international IT professionals. The survey showed that:
- 50% of the respondents have worked for a company that has not changed its privileged passwords
- 50% of the respondents have worked for a company that has had its computer networks breached
- 42% of the respondents were aware of IT staff sharing passwords with others, giving them access to several systems
- 26% of the respondents knew of IT staff abusing a privileged login to gain access to sensitive data
These results show that senior management needs to enforce, and pay attention to, basic IT security practices. This means changing passwords regularly whenever possible, and limiting and/or locking down access to any systems that carry sensitive data. These little things will increase security and help keep hackers away.
Read the full story at ComputerWeekly.com and get more stats from the survey.
http://www.computerweekly.com/Articles/2011/10/18/248187/Password-chaos-linked-to-network-breaches-survey-finds.htm
By c-emmons -
Nevada and Massachusetts have recently become the forerunners in data security. Under the current data security regulation (1.0), businesses are required to notify individuals if there is a potential breach of personal information that could lead to identity theft. This law is used mostly to set standards for responding to incidents, not for preventing them from occurring in the first place. As many may remember, the reason for the regulation in the first place was mainly the data breaches that companies such as TJX, ChoicePoint, DSW and BJ’s Wholesale suffered. With TJX as its guinea pig, the Federal Trade Commission introduced a new wave of security referred to as Data Security Regulation 1.5. This set higher standards for business security and penalized any data breaches. However, it lacked any requirement to implement technology to fight against them. This brings us to Data Security Regulation 2.0.

New laws in the states of Nevada and Massachusetts are looking to set specific standards, which include the use of encryption when collecting and transmitting the personal information of their customers. On October 1, 2008, the Nevada law took effect, stating that such information was not allowed to be transmitted other than via fax unless encrypted, where encryption is defined as “requiring the use of cryptographic keys to decipher data.” Although Nevada is certainly a leader in security, it has nothing on the program that Massachusetts is looking to put in place. Massachusetts is bearing down on companies of all sizes and holding each to the level of a bank in its need for information security. Going much further than simply encrypting data, businesses must meet operational requirements such as developing a written information security program that must be approved according to the standards of the Commonwealth of Massachusetts. Encryption according to Massachusetts is more narrowly defined as “the transformation of data through the use of an algorithmic process, or an alternative method at least as secure, into a form in which meaning cannot be assigned without the use of a confidential process or key.” Due to the complexity of the law and complaints from business owners, it will not be authorized until January 1st of 2010. Businesses that store personal information in electronic or paper form must abide by these laws, and any violation carries a heavy fee of $5000.
These new laws are just the beginning of information security practices. It will be difficult to employ them, however, if the standards vary from state to state. It is in the best interest of businesses everywhere to begin implementing security measures that comply with the Massachusetts law, since it is the strictest. Many enterprise-level businesses and beyond have since begun to protect their brand name as well as their customer information by using ws_ftp and other file transfer products that are in compliance with the law. Until there is one standard law for all businesses, every company from McDonald’s to the local ice cream store should start encrypting.