IT - Security

Playing nice and doing what you're told makes you easy prey for con artists

"Human beings are essentially social creatures. We like to help one another. We generally defer to people higher up in the hierarchy than we are. We tend to trust that other people are honest, mean what they say, and are who they say they are, because questioning any of those things without good reason is rude..."

It's (Still) The Password, Stupid!
Dark Reading, August 9th, 2019
The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type

"Stop me if you've heard this one before. Last year, billions of credentials were exposed due to thousands of data breaches. Many of the companies that were hacked didn't tell anyone until months after the fact, and the most common password exposed during these breaches was ... 123456.

I know, right? Same old story..."

The single most important security precaution you can take with high-value online accounts is to enable a mobile device as a secondary identity factor

"Which authenticator app should you choose? The correct answer might involve multiple apps.

Adding multi-factor authentication (often called two-factor authentication, or 2FA) to high-value online accounts is probably the single most important security precaution you can take. It takes just a few minutes to set up, and the result is a layer of protection that will prevent intruders from intercepting your email, stealing funds from your bank account, or hijacking your social media..."

How can infosec pros and data architects work together to support business goals and achieve a good level of cyber security?

"For information security professionals, collaborating with data architects ought to be an absolute imperative, and done well, has many benefits.

Collaboration that is outcome-based and business-centric is an ideal combination. In a perfect world, the security team could design how they want systems and assets set up, they could control the moving parts and it would all work seamlessly for the business. There may be occasions where this happens, but in general, we can all accept, it doesn't..."

See all Archived IT - Security articles See all articles from this issue