Data Security - Infoworld

Data breach? Blame your third party's remote access systems

admin — Tue, 07 Feb 2012 13:28:46 +0000

An in-depth study of data-breach problems last year where hackers infiltrated 312 businesses to grab gobs of mainly customer payment-card information found the primary way they got in was through third-party vendor remote-access applications or VPN for systems maintenance.

How to protect your intellectual property in the cloud

admin — Mon, 06 Feb 2012 17:27:02 +0000

Around this time last year, the cloud computing contract signings were coming fast and furious -- not just for commodity work like IT management or email, but for software and infrastructure closer to the core of corporate value. Not long after that, the calls started to come in to Greg Bell, the Americas service leader for information protection at KPMG.

The in-depth guide to data destruction

admin — Mon, 06 Feb 2012 16:38:32 +0000

A key part of any information security strategy is disposing of data once it's no longer needed. Failure to do so can lead to serious breaches of data-protection and privacy policies, compliance problems, and added costs.

VeriSign hacked several times, won't reveal the details

InfoWorld Tech Watch — Thu, 02 Feb 2012 20:24:50 +0000

In October 2011, Internet infrastructure firm VeriSign released its usual quarterly report. Buried in the 50-page filing to the SEC was the revelation that the company had been breached multiple times the previous year.

McAfee Mobile 2.0 moves beyond virus protection

admin — Mon, 30 Jan 2012 13:51:40 +0000

Intel-owned McAfee has released Mobile Security 2.0, which allows users of Android-based smartphones and tablets to keep better track of what applications are up to, the company said on Monday.

Today, many of Android's perceived security weaknesses stem from the openness of Android Market, and the availability of rogue applications.

How to prevent thumb drive security disasters

admin — Fri, 27 Jan 2012 16:47:15 +0000

For such a small device, the plastic, handheld USB flash drive can cause big security headaches. Even if you have robust end-point security and establish rigid policies about employee use of these drives, employees still find a way to copy financial reports and business plans for use at home. While other security breaches are more traceable, a flash drive is more difficult to monitor, especially after the employee leaves work.

15 worst Internet privacy scandals of all time

admin — Fri, 27 Jan 2012 13:36:01 +0000

In honor of National Data Privacy Day this Saturday, Jan. 28, we've put together a list of the 15 worst Internet privacy scandals of all time.

These high-profile privacy scandals involve many underlying technologies, from search to social media, email to voice mail, mobile phones to Webcams to GPS. But at the heart of all of these privacy scandals are companies collecting personal data without the user's knowledge or consent and then either sharing it with third parties or simply failing to keep it safe.

Hacker releases 100,000 Facebook log-in credentials

admin — Mon, 23 Jan 2012 17:22:46 +0000

A hacker who claims to act in defense of Israel has released 100,000 credentials of allegedly Arab users of Facebook in an ongoing row between Israeli and Arab hackers.

The hacker, who goes by the name Hannibal, posted the credentials in four parts on Pastebin on Saturday as well as making the details available on 14 file-sharing sites.

The Oracle flaw: Clarifications and more information

Eric Knorr — Mon, 23 Jan 2012 16:54:33 +0000

Since InfoWorld published "Fundamental Oracle flaw revealed" on Jan. 17, we've received abundant feedback from Oracle users and consulted with Oracle representatives, who went through the story point by point, offering clarifications and additional details, including information about the patches that address the flaw.

The Patriot Act and your data: Should you ask cloud providers about protection?

admin — Mon, 23 Jan 2012 13:04:54 +0000

Worries have been steadily growing among European IT leaders that the USA Patriot Act would give the U.S. government unfettered access to their data if stored on the cloud servers of American providers -- so much so that Obama administration officials last week held a press conference to quell international concern over the protection of data stored on U.S. soil.

Foreign cloud privacy concerns dismissed by U.S. officials

admin — Thu, 19 Jan 2012 15:51:18 +0000

A pair of senior Obama administration officials on Wednesday sought to tamp down recent stirrings of controversy over the privacy protections under U.S. law surrounding content stored in the cloud residing in data centers in foreign jurisdictions.

Update: Fundamental Oracle flaw revealed

Eric Knorr — Tue, 17 Jan 2012 11:00:00 +0000

(Editor's note: This story has been updated to include clarifications and additional information, which appear in italics. For the latest developments, see the follow-on story "The Oracle flaw: Clarifications and more information.")

Cyber insurance offers IT peace of mind -- or maybe not

admin — Fri, 13 Jan 2012 16:24:24 +0000

If your company were hit with a cyber attack today, would it be able to foot the bill? The entire bill, including costs from regulatory fines, potential lawsuits, damage to your organization's brand, and hardware and software repair, recovery and protection?

It's a question worth careful consideration, given that the price of cyber attacks is rising at an alarming rate.

Anonymous publishes Israeli SCADA log-in details

admin — Thu, 12 Jan 2012 22:54:46 +0000

A member of the Anonymous hacktivist collective has published a list of Internet-facing Israeli SCADA (supervisory control and data acquisition) systems and alleged log-in details.

The user, who uses the Twitter handle of FuryOfAnon, posted the information on Pastebin with the message: "Who wanna have some fun with israeli scada systems?"

Companies prove careless when enlisting data recovery services

InfoWorld Tech Watch — Wed, 11 Jan 2012 11:00:00 +0000

Even the most vigilant IT security department could invest countless hours and dollars into defending its company's data trove

Symantec confirms source code leak in two enterprise security products

admin — Fri, 06 Jan 2012 12:42:46 +0000

Symantec late Thursday confirmed that source code used in two of its older enterprise security products was publicly exposed by hackers this week.

In a statement, the company said that the compromised code is between four and five years old and does not affect Symantec's consumer-oriented Norton products as had been previously speculated.

Lost in BYOD's uncharted legal waters

Galen Gruman — Fri, 06 Jan 2012 11:00:00 +0000

The majority of businesses now allow employees to choose -- or even bring -- their own mobile devices rather than require the use of corporate-issued units. The BYOD phenomenon quickly moved from a "not in my business" option in 2010 to the de facto standard in 2011. BYOD also intermingles personal and professional usage, data, and ownership, creating uncharted territory for businesses and individuals alike as to who has rights over what, as well as to what are the best legal approaches to securing their respective interests.

Security headlines you'll never read

Roger A. Grimes — Tue, 27 Dec 2011 11:00:00 +0000

Whenever I read another article about how Company X or University Y or Governmental Organization Z was "recently" hacked -- usually "by the Chinese" -- I can't help but chuckle.

Tech stories of 2011: Jobs, Android, and Anonymous rank in top 10

admin — Mon, 26 Dec 2011 11:00:00 +0000

In 2011, the increasingly mobile and socially networked world of technology became more intertwined than ever with politics and the law. Patent wars shaped competition in tablets and smartphones, hacktivists attacked a widening array of political and corporate targets, repressive regimes unplugged citizens from the Internet, and the U.S. government moved to block the giant merger of AT&T and T-Mobile USA. With the passing of Steve Jobs, the world lost a technology icon who redefined the computer, entertainment and consumer electronics industries.

iBahn, supplier of hotel Internet services, denies breach

admin — Thu, 15 Dec 2011 13:48:48 +0000

iBahn, a provider of Internet services to some 3,000 hotels worldwide, denied on Thursday a news report that its network was breached by hackers.

Bloomberg wrote that a highly skilled group of hackers based in China, which U.S. investigators have called "Byzantine Foothold," attacked iBahn, citing unnamed sources, including one U.S intelligence official.