Lead Image © Rancz Andrei, 123RF.com

Lead Image © Rancz Andrei, 123RF.com

Security is Everyone's Problem

Welcome

Article from ADMIN 36/2016
By
I attended a security seminar a few weeks ago, and one of the slides read, "Security is not an IT problem." I laughed when I saw it and gave a smirk to our Security Manager at my new job.

I attended a security seminar a few weeks ago, and one of the slides read, "Security is not an IT problem." I laughed when I saw it and gave a smirk to our Security Manager at my new job. He smiled back. When we headed back to the office, I said, "Do you know what my one takeaway from that seminar was? That security is not an IT problem." We all laughed and had a good time ribbing the Security Manager and telling him that the burden of security now falls squarely on him and not on us (IT). Yes, it was funny, but it also isn't funny. I think that in companies of all sizes, security is always "someone else's" responsibility or problem. The reality is that security is everyone's problem. Responsibility for creating a secure work environment is your responsibility whether you're the CEO or an intern working for the summer. It is a burden we all bear.

The problem of security is perception. We assume that if we lock our windows and doors that we are secure in our homes, yet we know that the opposite is true. It's a little better than leaving the doors and windows unlocked but, in reality, not that much better. We assume that our 12-character complex passwords protect us, but they don't. Sure, they might protect you from someone logging into your account, but they don't protect you from hackers who steal millions of user accounts from a site.

A great password, a VPN connection, and an encrypted disk are all excellent tools to help protect your identity, your account information, and your data due to device theft or loss, but it doesn't protect you at all from data stolen from sites that collect your data, such as your beloved social media destinations, news outlets, or sites that you access in private. Your security on sites where you don't have control is only as good as those who support those sites. Sometimes it just isn't enough.

So how do you combat thieves who might steal your passwords from a site en masse?

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Two-Factor Authentication

    Making your systems really secure can be a bit more complicated than resorting to the use of regular passwords. In this article, we provide an overview of authentication solutions and present potential approaches for common use cases.

  • Multifactor authentication with Google Authenticator
    Google Authenticator provides one-time passwords to smartphone owners for multifactor authentication, or you can integrate it into other applications, such as blogs.
  • Editorial
    By now you've probably heard that Italy's Hacking Team, a company that sells intrusion and surveillance tools to governments and law enforcement agencies, has had its private information laid bare for the entire world. Almost 400GB of data, published in a single Torrent file, made its way onto the Internet for all to enjoy. The initial entry point for the attack is unclear, but one thing is certain: The Hacking Team needs to attend a seminar on password security.
  • Secure remote access and web applications with two-factor authentication
    Making your systems really secure can be a bit more complicated than resorting to the use of regular passwords. In this article, we provide an overview of authentication solutions and present potential approaches for common use cases.
  • Risky Business
    For all the fear, uncertainty, and doubt still surrounding cloud technologies, you must take a level of acceptable risk to move forward.
comments powered by Disqus