Connect with us

Uncategorized

What We Learned From new episodes of peacemaker

Uncategorized

The Importance of Communication in a Healthy Love and Relationship

Uncategorized

Common Mistakes to Avoid When Using Motor Winding Equipment

Uncategorized

Creating a Hygge-Friendly Home: The Power of Hyggeful Chairs

Uncategorized

Safely Sell CS2 Skins: Tips for Avoiding Scams and Fraud

Uncategorized

Introducing the Cocopup Bag: The Perfect Accessory for Stylish Dog Owners

Uncategorized

Leveling Up in the Digital Realm: Tips for Success in Online Gaming

Uncategorized

What to Look for When Buying a New Landed Property Singapore

Uncategorized

Exploring the Serene Beauty of Prestige Rain Tree Park: A Must-Visit Destination

Uncategorized

Behind the Scenes with Blaine Anthony: Secrets of a Successful Bear Whisperer

Uncategorized

What We Learned From new episodes of peacemaker

Published

2 years ago

on

Headlines continue to abound about the data breach at Facebook.

Totally different than the site hackings where credit card information was just stolen at major retailers, the company in question, Cambridge Analytica, did have the right to actually use this data.

Unfortunately they used this information without permission and in a manner that was overtly deceptive to both Facebook users and Facebook itself.

Facebook CEO Mark Zuckerberg has vowed to make changes to prevent these types of information misuse from happening in the future, but it appears many of those tweaks will be made internally.

Individual users and businesses still need to take their own steps to ensure their information remains as protected and secure as possible.

For individuals the process to enhance online protection is fairly simple. This can range from leaving sites such as Facebook altogether, to avoiding so-called free game and quiz sites where you are required to provide access to your information and that of your friends.

A separate approach is to employ different accounts. One could be used for access to important financial sites. A second one and others could be used for social media pages. Using a variety of accounts can create more work, but it adds additional layers to keep an infiltrator away from your key data.

Businesses on the other hand need an approach that is more comprehensive. While nearly all employ firewalls, access control lists, encryption of accounts, and more to prevent a hack, many companies fail to maintain the framework that leads to data.

One example is a company that employs user accounts with rules that force changes to passwords regularly, but are lax in changing their infrastructure device credentials for firewalls, routers or switch passwords. In fact, many of these, never change.

Those employing web data services should also alter their passwords. A username and password or an API key are required for access them which are created when the application is built, but again is rarely changed. A former staff member who knows the API security key for their credit card processing gateway, could access that data even if they were no longer employed at that business.

Things can get even worse. Many large businesses utilize additional firms to assist in application development. In this scenario, the software is copied to the additional firms’ servers and may contain the same API keys or username/password combinations that are used in the production application. Since most are rarely changed, a disgruntled worker at a third party firm now has access to all the information they need to grab the data.

Also read:

Related Topics:
Continue Reading