M2M And Security In An Insecure World
Symantec is aggressively positioning themselves for the changing dynamics of security, and it brings to mind some important realizations regarding today’s vulnerabilities.
First: Symantec is monitoring and addressing the threat landscape with a division called STAR: Security, Technology and Response. The team is made up of virus hunters, threat analysts, engineers and researchers. That’s a robust team, and this aggressive forward edge is always necessary, in my opinion. But STAR’s existence owes itself, in part, to a relatively recent and growing recognition:
Today everyone, from consumer to service provider to product developer, is recognizing that the average person has multiple “end points” for data and sensitive information.
For example: Gone is the day of a household, or any house member, with a single, simple device: a desktop PC, for example. Rather, today’s individual may have many multiple devices: smartphones, laptops, iPads, tablets, portable media players, GPS devices… Further, many homes have their own wireless networks and centralized data – also under that same roof may reside multiple people with multiple devices – further compounded by multiple social networking accounts, multiple e-mail accounts, etc. In other words, an almost exponential explosion of end-points, portals, and avenues of potential human error in bringing breaching and harming incidents to fruition.
Consider the organization: What holds for the household is manifested through and by many, many employees. The avenues for potential breach and harm can number in the dozens, to hundreds, to many thousands.
On a local scale, just this past week, the lack of a prudent, forward, view of security evidenced itself to me. A colleague’s auxiliary e-mail account was hacked, and subsequently used to disseminate e-mail advertising through the account’s group lists. But that’s not the worst of it – the free-mail account was of no great concern. However, this person used the same password for multiple accounts, including banks, and decided to change all passwords, and to make them unique to each account – a wise move.
Incredibly, one of his banks sent a confirmation e-mail of the password change, with the user ID and password for his account plainly spelled out. I thought those days were gone. Passwords should never be transmitted through e-mail.
Today’s environment means having a very proactive, provocative, security awareness. For organizations: Take survey of your end-points, your processes, your providers – a whole, 360-degree, view. Assign someone to assess vulnerabilities, and mount a plan that captures all devices and the nature of their use.
Position yourself for best security in a rapidly changing world.
- BIG DATA – Are You Leveraging Data To Modern Standards? Insights - Big Data is becoming well-established at big organizations. But it is coming rapidly to other orgs as well: small-to-medium business (SMB), non-profits of modest size, and to larger-scale endeavors
- ATD Trainer’s Toolkit Case Study - The ATD Trainer’s Toolkit is a one-of-a-kind collection of innovative classroom and virtual teaching activities. Elaine Biech, the great facilitator, composed and edited, and each section of the activities were created
- Demand For Mobile Apps To Outweigh Organizations’ Capacity To Develop Them By Five-To-One Says Gartner Insights - Mobile phone sales are projected to hit 2.1 billion units by 2019 according to Gartner forecasts. The ubiquitous nature of mobile is leading more and more business users to expect and demand enterprise mobile apps