On The Internet! Take the Self Improvement Tour
My 3 Top Security Strategies for 2012
In Justine Rivero’s latest article “Three New Ways to Protect Your Identity in 2012” she is absolutely correct that smartcards for secure payment is needed because it is better to use security upfront than rely on identity theft protection after the fact. But why stop at payment? Smartcards offer secure data access to medical records, corporate networks, online commerce sites, computer logons, applications, and anything else where user authentication is required.
Identity thieves and cyber criminals are not just after credit card numbers. All the recent news articles about attacks by “Anonymous”, “Chinese” and organized crime has shown that digital information theft that can be used to embarrass, blackmail, and spy on companies and governments is damaging this nation. If you want to start re-building America then start by securing your data. Don't wait for politicians to deliver solutions because they consistently prove they are part of the problem.
Ms. Rivero is also correct in citing that identity theft average out-of-pocket costs per victim is $631, but that is nothing compared to the average costs of $7.3M per incident that a company or organization has to pay. Plus, the damage to an individual’s personal information is still at risk no matter what protections the individual deploys.
Companies have to stop discussing cyber dangers and start deploying the following:
My 3 top security strategies for 2012:
1. Deploy smartcard technology to authenticate users prior to data access. For some organizations it may be the more complex and expensive PKI solution, others might need only a secure password manager and others may need both. Independent of the authentication technology, smartcards are the best defense on the market to add that barrier of protection.
2. Encrypt all laptop, computers and mobile media data storage devices. It seems that only a few years ago it would just have been a computer’s hard drive that one had to worry about. But not if information is stored on the cloud, laptop or USB drive. It all needs to be encrypted.
3. Don’t reach for the cloud until you know you can fly. Today there is so much hype about moving company information to a cloud based architecture. The rational is that the cloud reduces IT costs and makes access to data easier for all your employees. However, what is often not discussed is where the server farms are actually located, how secure these servers are, and that as more information is stored the more enticing it will be for cyber thieves to want to attack. In a recent un-scientific poll running on LinkedIn asking what is holding back cloud deployment, 53% say its security.
4. Bonus: Take time to educated your employees about security. It seems that the number one attack is still the phishing email with attached malware file that the employee innocently opens up that then takes down an entire company.
So in conclusion, IT security has to have many different barriers, safeguards and protection points. Anti-virus, firewalls, encrypted data, etc. is still needed but what is still overlooked is the deployment of multi-factor credentials that authenticate the user before they ever get past the firewall.
Dovell Bonnett has been creating security solutions for computer users for over 20 years. In order to provide these solutions to consumers as directly, and quickly, as possible, he founded Access Smart. With each of his innovations, the end user — the person sitting in front of a computer — is his No. 1 customer.
This passion, as he puts it, to “empower people to manage digital information in the digital age” also led him to write the popular Online Identity Theft Protection for Dummies. Within the pervasive nature of our e-commerce and e-business community, personal information, from credit card numbers to your pet’s name, is more easily accessed, and identity theft and fraud has become an issue that touches every consumer.
Mr. Bonnett’s solutions reduce security risks for individual users, small businesses and large corporations. His professional experience spans 21 years in engineering, product development, sales and marketing, with more than 15 years focused specifically on smartcard technology, systems and applications. Mr. Bonnett has spent most of his smartcard career translating and integrating technology components into end-user solutions designed to solve business security needs and incorporating multi-applications onto a single credential using both contactless and contact smartcards. He has held positions at National Semiconductor, Siemens (Infineon), Certicom, Motorola and HID. He is the author of smartcard articles, regularly presents at conferences, and helps companies successfully implement smartcard projects. Mr. Bonnett has been an active member of the Smart Card Alliance contributing to the development of physical access security white papers. He holds dual bachelor’s degrees in industrial and electrical engineering from San Jose State University.
Post new comment
Please Register or Login to post new comment.