password protected

Cost of carelessness hits the CIO's budget

Tue, 04 Sep 2007 06:59:58 -0400

David Perry, global director of education for Trend Micro, tells Forbes that as many as one in five virus infections come from users who purposefully infect themselves out of curiosity. This is just one of the many practices that undermine information technology security due to varying combinations of naiveté and carelessness. This is why CIOs plan to spend 20 percent more on preventing data theft and intrusion during the next year, according to research by the market analysis firm InsightExpress. Analysts noted that about 30 percent of non-IT corporate employees violate the terms of security agreements that they sign. It's a phenomenon that appears to be global in nature, since the study included respondents from professionals in seven different countries.

A second study, commissioned by Cisco Systems and the National Cyber Security Alliance, also shows that more than 60 percent of employees sometimes use mobile devices without encrypted or password-protected data to connect to their organization's network, and more than a third sometimes work by piggybacking on strangers' wireless Internet connections. So while many employees are asked to stay connected at home or on weekends, they may be putting their networks at extreme risk by exposing all of their data on unsecured networks. Trend Micro released a report that says that U.S. and U.K. workers on corporate laptops are more than twice as likely to send confidential info via instant message, compared with desktop users. They are also a third more likely to send confidential data over webmail.

For all the details on security:
- read the article in Forbes

Data thieves hit universities

Mon, 15 Jan 2007 19:01:39 -0500

A university in Idaho and a college in Arizona are busy doing what they can to quell students' and staffers' fears about personal data gone missing. The University of Idaho reported that three workstations went missing, putting confidential data for over 300,000 users in potential jeopardy. The University of Tuscon in Arizona is investigating a computer system breach that shut down its procurement system and provided unauthorized access to building and payroll data. Officials at the Arizona campus say there is no evidence that the data has been used illegally yet. The PCs were password protected, but the data housed on them was not.

For more on the latest security breaches:
- read the news at Computerworld

Another laptop goes missing at Boeing

Thu, 14 Dec 2006 19:01:38 -0500

Boeing has fired an employee that it says was responsible for the theft of a laptop this month and is working with law enforcement to track down the mobile device, as it contains confidential information on nearly 400,000 current and former employees. The laptop data was not encrypted (though it was reportedly password protected), which means the the social security numbers, addresses and other personal data contained therein could end up in the wrong hands. It's the third time a laptop has gone missing from the company and while none have yet been recovered, Boeing claims that none of the missing information has been used for criminal purposes.

For more on the laptop theft:
- read the news at Computerworld

PLUS: Hackers hit Texas university with data theft. Article
Related Article: Starbucks beats Boeing in laptop loss count. Article

SPOTLIGHT: Missing bank laptops hold critical data

Tue, 29 Aug 2006 20:01:34 -0400

Yet another banking institution has reported that three of its laptops have been stolen, putting the confidential data of thousands of customers at risk. Sovereign Bank has sent letters out to its customers and said the incidents happened earlier this month. While the mobile devices are password protected the data--which includes social security numbers, birth dates and names of account holders, was not encrypted. Article

Security researcher discovers stolen data stash

Wed, 10 May 2006 20:01:37 -0400

Researchers at a security vendor have discovered data on stolen identities from 125 countries that were apparently grabbed through a new variant of a Trojan horse program. The stolen data, featuring names, phone numbers, social security numbers and even user logins and passwords, was found on a password-protected FTP server in the U.S. The FBI is investigating the discovery. The information, which includes names, phone numbers and social security numbers, was revealed by a Webroot researcher investigating a malicious file installed on a Web site.

For more on the Webroot discovery:
- read this article at TechWorld