From: Intuit QuickBooks, by Brian Penny on September 16, 2014
Cloud security is in the hotseat following a massive leak of celebrity photos that were stored on Apple’s iCloud service. Apple initially issued a statement that its servers are secure, but conceded that several prominent celebrities had their accounts compromised.
Your business may not be as well-known as Jennifer Lawrence, but this doesn’t mean your data is safe in the cloud. In fact, with the financial nature of your business data, you could be even more at risk. If your business has an online presence, you need to proactively defend yourself against these common digital attacks. <READ MORE>
Rumblings of a breach of Home Depot’s information systems began in early September; however, the company was slow to reveal the extent to which customers were affected. After an initial warning from banks and a report from cybersecurity newshound Brian Krebs on Sept 2, confirmation of the incident was not released until almost a week later on Sept 8. Details of the breach were not made available by the company until Sept 18, when it announced that the cyberattack put payment card information at risk for approximately 56 million unique cards and that the malware linked to the attack was believed to be present between April and September 2014. Every store in North America is believed to have been involved.
With so many people involved, it can be easy to fault the home improvement giant with the glacial speed at which it gave out information. But Home Depot says that the investigation uncovering those details began on the same day as bank issued warnings and that the infection has now been contained.
The malware in question is believed to be similar to that used in the Target breach, which affected over 40 million customers in late 2013. The malware affects point-of-sale kiosks and checkout lines, and in the Home Depot case, may have specifically targeted self-checkout lines.
In response to the issue, Frank Blake, chairman and CEO of Home Depot has said, “We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges. From the time this investigation began, our guiding principle has been to put our customers first, and we will continue to do so.”
Given the increasing frequency of massive data breaches like this, though, customer anxiety is no longer easily assuaged by increased security standards, free credit monitoring software and a promise to do better. That in turn manifests as anxiety for the C-suite. Following the Target incident, multiple high-level executives were terminated or stepped down for lack of proactivity in shoring up Target’s cyber defenses. While there has been no word yet on similar moves at Home Depot, it’s an inevitability that someone will need to pay the piper.
Even more worrisome for both customers and executives is a New York Times report out today that cites multiple former and current Home Depot employees who witnessed negligent customer data handling throughout its stores. According to that article, “several people who have worked in Home Depot’s security group in recent years said managers failed to take such threats as seriously as they should have. They said managers relied on outdated Symantec antivirus software from 2007 and did not continuously monitor the network for unusual behavior, such as a strange server talking to its checkout registers.”
While experts have warned that cybersecurity should be a priority for corporations, the events of the last two years have proven that even considerable investment can be foiled by innovative hackers. And as the causality role call begins to look more like the average American’s weekend errand list, you can expect it to continue to be a topic of conversation,
From: Mashable – Tech – by Adario Strange, September 17, 2014
Facebook is reportedly working on a new app designed to encourage private content sharing — by making the process even more personal.
Citing multiple sources, a report on Techcrunch claims that the current code name for the app is “Moments” and will give users a grid-style interface from which to share private moments with friends and family.
The reasoning behind the app, allegedly, is to assist Facebook users who want to share intimate content with close contacts, but have been put off by the site’s increasingly complicated privacy settings.
The report hedges on whether or not the app will ever actually be released, citing numerous past internal Facebook experiments that never became public-facing products.
But if true, the app would indicate that Facebook is continuing to work to win back the trust of some users who have been daunted by the site’s complicated and ever-shifting privacy settings and News Feed changes.
A Facebook spokesperson offered the company’s standard response: “we do not comment on rumors or speculation.”
From: Law Technology Today, By Eliya Fishman August 28, 2014
More than 90% of the world’s digital data has been generated within the last two years. Everything around us is moving faster. Our on-demand, in-an-instant mindset has zero tolerance for bandwidth limitations and mobility constraints. And then, we suddenly find ourselves facing a stack of paper that should have been signed yesterday…
Paper might be dying, but the tried and true process of ‘printing to sign’ continues to linger. In fact, according to a recent ALM Media online reader survey on signature-dependent processes and the use of digital signatures, 49% of all documents are printed for the sole purpose of adding signatures. And with 47% of respondents signing documents at least four times per week, you can quickly figure out what that means in terms of wasted resources, precious time, and money. Speaking of time, the survey also revealed that processes involved with obtaining physical signatures were extended by 1.24 days on average, spelling potential disaster for time-sensitive transactions. <READ MORE>
From: The Hacker News: Thursday, September 04, 2014 Swati Khandelwal
A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls. The research carried out by ESD America, a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone towers, also known as “interceptors”, may process the call.
ESD America, the company that makes the super-secure CryptoPhone, makes one of the oldest and most expensive high-security cell phones in the market. It provides equipment and training to more than 40 countries with a goal to provide technical security assistance to government and corporate clients across Asia.<READ MORE>
From: Law Technology Today – Posted by: Craig Huggart September 4, 2014
What do you do when that dreaded moment comes when you have to come up with another password? Maybe they are out there but I don’t know anyone who thinks coming up with passwords and remembering them is fun.
On the one hand, if you use a password that is easy to remember it will likely be easy to hack (and probably won’t meet the password requirements). On the other hand, if you use a complicated password it will be difficult to remember. Let’s take a look at how you can easily balance these two tensions by using a proven 3 step method.
What are the goals?
To create reasonably secure passwords. First off, it is impractical to memorize unique passwords for all the places you need them. That why I recommend using a password manager. Instead, the goal is to create secure passwords for your “master password” and for those places you can’t use a password manager. I am not a security expert but I trust Steve Gibson. His general recommendations are: <READ MORE>
FromPC World – Security – by Lincoln Spector, Posted August 25, 2014
Everyone who uses the Internet absolutely must have a password manager. Without one, you’ll forget some of your passwords. Or you’ll use the same password for different sites, which allows a thief who’s hacked one password to know them all. Or you’ll use simple passwords that are easy to remember but also easy to hack.
A password manager program stores your passwords and other login information in an encrypted database. If you need to log into a website or a secure application, you open the password manager, type the password to your password manager (which is the only password you’ll ever have to memorize), and get the information that you need.
But which password manager should you use? <READ MORE>
From: Intuit QuickBooks, by Nicklas Prieto on June 26, 2014
The digital age has brought with it innumerable innovations that continue to change the way the world does business. Buzzwords abound on the internet, bringing to light terms that often fade into obscurity as quickly as they rise to prominence. But some innovations occasionally stick, and the 10 new technologies discussed in this list are definitely here to stay, at least until new tech comes out that makes them obsolete.
Until then, follow along to learn how these new innovations can help change the way you conduct business. <SEE TOP 10>
From Healthcare IT News, Erin McCann, Associate Editor, July 28, 2014
A new state health information exchange has officially signed on with the eHealth Exchange, bringing an additional 16 million patient records into the national HIE pool.