Tag Archives: Data Security

Want to scan your crypto wallet for risks? Check: AML crypto BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money.

33% of Employees Fail to Meet Minimum Security Standards for BYOD

Posted on by

Bring Your Own Devices

By 2017, half of employers will require employees to provide their own mobile devices for work use, Gartner reports. There are many benefits to BYOD policies, from greater productivity on devices users are more comfortable with to lower corporate costs when businesses do not have to purchase mobile equipment or service plans. But securing these devices poses tremendous risk that may not be worth the reward.

According to data security firm Bitdefender, 33% of U.S. employees who use their own devices for work do not meet minimum security standards for protecting company data. In fact, 40% do not even activate the most basic layer of protection: activating lock-screen features. Further, while the majority of workers could access their employer’s secure network connection, only half do so.

Bitdefender reports that there are 5 core security functionalities a strong BYOD policy should check:

  • Data encryption, for data residing on the employee’s device and for data transiting different channels.
  • Application access control, using port knocking, whitelists and intrusion prevention systems, for enterprise apps communicating with company servers.
  • Mobile malware detection and removal, to ensure clean devices enter the company and to keep them malware-free throughout their use.

  • Real-time app and website scanning, to make sure the device does not get infected by malicious apps or websites when the employee wants to download/access them.

  • App permission management, to allow employees to see exactly what types of information does an application require permission to access and share with the application vendor.

Check out more of the study’s findings below:

Bitdefender BYOD infographic

Home Depot Confirms Massive Data Breach

Posted on by

Home Depot Data Breach

On Monday, Home Depot confirmed that a breach of its payment data systems may have exposed customer card data across the United States and Canada. The breach appears to have begun in April, allowing hackers to steal an untold amount of shopper information including credit card numbers.

online pharmacy ocuflox with best prices today in the USA

The home improvement giant disclosed on Sept. 2 that it was investigating reports of “unusual activity” and, a week later, determined that any customers who used a card in the U.S. or Canada is at risk, though the breach does not appear to impact shoppers online or at retail stores in Mexico. In an official statement, the company assured that no one would be held responsible for fraudulent charges and offered free identity protection services, including credit monitoring, to anyone who has shopped at one of its locations since April.

As with the massive Target data breach, the Home Depot news was first broken by cybersecurity journalist Brian Krebs. The data went up for sale on rescator. So, the same underground store that sold credit card information from the Target and P.

online pharmacy zoloft with best prices today in the USA

F. Chang’s breaches, and may have been stolen by the same group of hackers. Krebs reported, “In what can only be interpreted as intended retribution for U.S. and European sanctions against Russia for its aggressive actions in Ukraine, this crime shop has named its newest batch of cards ‘American Sanctions.’ Stolen cards issued by European banks that were used in compromised U.S. store locations are being sold under a new batch of cards labeled ‘European Sanctions.'”

Given the five-month duration, this breach may be many times larger than the Target attack, which exposed 40 million credit and debit cards and the personal data of 70 million customers in three weeks. The Target breach led to the resignation of its CEO and cost the company almost $150 million in the second quarter alone, according to the New York Times. In fact, the toll may reach ever higher. “I don’t see how they’re getting out of this for under a billion, over time,” John Kindervag, the vice president and principal analyst with Forrester Research, told the Times, adding, “$150 million in a quarter seems almost like a bargain.” Beyond the company itself, Javelin Strategy and Research reported at the time that total damage to banks and retailers could surpass billion, and consumers could be liable for more than billion in uncovered losses and other costs.

online pharmacy clomid with best prices today in the USA

One of the most promising ways to increase point-of-sale security is through the adaptation of EMV chip technology, as discussed in the March issue of Risk Management. In Europe, 81% of cards have EMV chips, and countries that have adopted the technology saw sharp declines in credit card fraud. In England, for example, the amount of fraud per transaction has dropped 57% since 2002, while it has risen almost 70% in the United States over the same period, according to consulting firm Celent. As part of its breach response, Home Depot announced plans to escalate adoption of EMV, installing “chip and PIN” checkout terminals throughout its U.S. stores by the end of the year. Target made a similar move in April, saying that it will issue its branded REDcard credit, debit and co-branded credit cards with MasterCard chip technology beginning next year.

Twitter’s Data Mining Profits Show Lesser-Known Social Media Risk

Posted on by

Data Mining

In an interview for this month’s issue of Risk Management magazine, lawyer and social media specialist Adam Cohen cautioned businesses that the risks of social networking sites extend beyond explosive posting faux pas.

“In most cases, corporations don’t realize that what they put on these social media services is all subject to the privacy policies and terms and conditions of the services,” said the eDiscovery expert and author of Social Media: Legal Risk and Corporate Policy. “Those provide a shocking amount of access by the social media services where they may take your data.”

As Twitter prepares for its much-anticipated IPO, the social media giant has released a torrent of information on its financial standing and practices. One of the most important tidbits for users concerns the site’s lesser-known side-business: data mining. In the first half of 2013, Twitter made $32 million by selling its data—namely, tweets—to other companies, a 53% increase from the year before.

So far this year, the company has raked in $47.5 million from selling user data to companies that analyze the social media posts for insights into news events and trends. Because of its real-time nature, Twitter is the primary contributor to data mining, though other social networks are frequently used in professional analysis.

This analysis is then sold to businesses for a slew of uses. “The types of ways that businesses are using Twitter data has gone deeper and deeper,” Chris Moody, the CEO of original Twitter data mining company Gnip, told Time. “We’re seeing it in supply chain and inventory management. It’s not just consumer brands that are engaging on Twitter.”The United Nations uses Twitter algorithms to pinpoint areas of social unrest. Burger chain Five Guys used “social intelligence technology” from New Brand Analytics to monitor quality in restaurants across the country and evaluate the appeal of a new fry size offering. Wall Street subscribers to one service, Dataminr, got a leg up on the S&P Index drop following the Navy Yard shooting. Five minutes before the news broke, users received an alert to take action after the company’s algorithms picked up on eyewitness reports and deduced from their timing, influence, and location that something urgent was taking place.

Clearly, there’s money to be made on both sides. According to the Wall Street Journal, the “social listening” business is booming, partially funded by millions of dollars in venture capital. Research firm IDC estimates that the entire “big data” market has grown seven times as quickly as the information technology sector as a whole, and may be valued at $16.9 billion in two years.

Data is mined for a variety of purposes – ones your company may even want to explore – but while there are benefits to the ends, the means translate into cyber exposures of which you may never know the details or depth. While the reputational risk of social media garners a lot of the attention – and rightfully so – there are increasingly tremendous exposures that lay in the forms just to sign up. With Twitter going public, there will only be further incentive to maximize revenue by selling user data, and more reason to approach corporate social media with caution.

Cyber Crime: Recent Events and Insuring Against It

Posted on by

It seems like several times per day that I am sent a news alert of yet another data breach.

buy buspar online healthdirectionsinc.com/flash/swf/buspar.html no prescription pharmacy

The frequency with which they occur is frightening to say the least and unfortunately, many businesses are not covered for such an event.

Let’s take a look at data breaches that have occurred over the past week and what, if anything, can be done to prevent (or insure against) them.

  • A report by Wake Forest Baptist Medical Center to the state attorney general’s office explained that 357 people were affected by documents from an 11-year period taken from the medical center due to a security breach, the Winston-Salem Journal is reporting. Wake Forest Baptist issued a statement early last month that it had fired an employee, Linda Bowden Turner, who had taken medical records and documents from 1995 to 2006 from the medical center to her own properties.
  • If you used a credit or debit card at Margarita’s restaurant over the past three months, a virus might have culled your information before it could be encrypted and then sold to underground markets, Huntsville police said. At least 200 people over the past two weeks have reported incidents of stolen bank account information, and authorities said they suspect there are many more cases that have not been reported and many potential victims whose numbers have not yet been used by thieves.
  • Nearly 700 Toshiba customers’ emails and passwords have been stolen from the company’s U.S. servers, the latest company to be hit by hackers, although it doesn’t appear to be the work of the same groups that have infiltrated Arizona law enforcement, Orlando tourism or PBS. TechEYE.net reported that the hacker VOiD targeted Toshiba and claimed “to gain usernames and passwords on 450 of the company’s customers” as well as about 20 re-sellers and 12 administrators on the company’s Electronic Components and Semiconductors and Consumer Products sites.
  • Lady Gaga has called in police after thousands of her fans’ personal details were stolen from her website. Her record label acted after the site was hacked into by US cyber attackers SwagSec. A source said: “She’s upset and hopes police get to the bottom of how this was allowed to happen.” The group struck on June 27 but did not make the information, which included names and email addresses, public until this week.
  • Anonymous, a group of “hacktivist” computer-savvy attackers, has already speared a number of big fish: credit-card companies, the church of Scientology, and Monsanto, a biotechnology firm. And the hackers have flaunted their skills by successfully attacking computer-security expert firms, like HBGary. Its latest victim is Booz Allen Hamilton, a big consulting firm to America’s government, including on cybersecurity, with bigwigs like a former CIA head and a former director of national intelligence on its payroll.

So how do companies work to prevent or mitigate the effects or data breaches? One option is cyber liability insurance. Major insurers like Chartis, ACE and Hiscox have been in the cyber liability insurance game for several years now and smaller insurers are entering the market at a rapid pace. But what types of coverage does a cyber liability policy include? According to Dave Navetta, partner at InfoLawGroup and contributor to Fox News, the following may be included:

  • Breach Notice Costs. Coverage now exists for direct costs incurred by an insured to provide notice to individuals in the event of a security breach, as well as expenses to set up a call center and provide credit monitoring services. These costs involve a multiplier effect. For example, credit monitoring can cost anywhere from $10 to $200 per year, per person impacted by a breach. If one million individuals are at issue, costs could run in the millions of dollars. These costs also include attorney fees and forensic investigation expenses to determine the cause of a breach and whether notice is required under law.
  • Damages and Defense Costs. Provides coverage for information security and privacy breaches and technology professional liability. This element of the insurance plan is specifically designed to provide coverage for damages and defense costs arising out of lawsuits or claims resulting from a data security breach or an act, error or omission in the rendering of professional technology services (like data storage services). Some cyber policies will also protect your business against the cost of regulatory investigations or actions due to a security or privacy breach.
  • Service Provider Breach.With more companies outsourcing their data processing to third parties or the “cloud,” it is important that a cyber policy provides coverage if the security breach happens to one of the insured’s service providers. That will protect your company against many types of expenses. However, these policies are unlikely to provide any coverage for the personnel hours expended internally to address the breach.
  • Crisis Management, Business Interruption and Data Restoration. This insurance can also help cover the costs for getting the network back up and running and restoring lost data. Public relations services may also be included to help restore the company’s reputation.
    buy vilitra online healthdirectionsinc.com/flash/swf/vilitra.html no prescription pharmacy

  • Denial-of-Service Attack. If your company or a service provider, such as a web host, is shut down by a denial-of-service attack or other type of hack, some insurance policies will cover lost income and the costs of repairing the network.
  • Cyber Extortion. In a case where a hacker decides to hijack your website, network or database, and demands money to restore it, a cyber extortion clause in an insurance policy can help to cover the settlement and the cost of hiring a security firm to track down the hacker.

Does your company have cyber liability insurance coverage?

buy isofair online healthdirectionsinc.com/flash/swf/isofair.html no prescription pharmacy