Another data breach carried out by the “hactivist” group known as “Anonymous” provides an opportunity for businesses to become reacquainted with several important data security concepts. First let’s briefly review the background of the incident.
This time Anonymous hacked the Bay Area Rapid Transit system, commonly known as BART. BART is the second largest public transportation system in Northern California and carries about 40,000 riders a day. Anonymous was able to access and steal personal information on about 2400 BART customers who utilize the myBART website to manage their accounts. The information taken was reported by Anonymous to include system user names and passwords, individual last names, addresses, and telephone numbers.
Continue reading Anonymous Educates Us About Security– Again
In October 2005 the Federal Financial Institutions Examination Council (FFIEC) issued updated information security guidance for financial institutions offering internet-based financial products and services. The 2005 Guidance discussed the need for financial institutions to (1) utilize effective and well considered risk assessments in order to carefully evaluate the risk to an institution’s data in light of the nature and scope of the data services offered online; and (2) employ customer awareness and education as an effective means of reducing or eliminating risks associated with online banking.
Continue reading Important New Banking Security Guidelines
Whether we like it or not, information really is king. This has been true for a while now, but it is even more clearly so now. In one way or another we now depend upon digital information for almost everything: to protect us, feed us, cloth us, entertain us and, most importantly, inform us. Erosion of trust in the integrity of the information that we mutually consume and produce effects us all in ways which may not be immediately harmful, but are none the less detrimental to us collectively. Information is king, but trust is paramount in such a world.
Continue reading There Is No Genuine Information Without Security