Friday, October 3, 2014

Direction towards your data security

“If you do not change direction, you may end up where you are heading.” This quote by Chinese philosopher Lao Tzu may seem a truism, but implies an important wake-up call: stop yourselves for a moment, think about the way that you are taking and make sure that you really want to get where it leads you.

While cybercriminals demonstrate everyday that they are confident in the direction that they are taking, many organizations which store and process users’ personal data should ask themselves whether they have chosen the right path to protect such information or not. In this sense, the US's largest bank, JP Morgan, has acknowledged that the massive cyberattack that it suffered earlier this year compromised names and addresses of 76 million private and seven million business customers in the USA. In addition, the science supplies company Flinn Scientific has notified its customers that their online store server was infected with malware. Data from all buyers between May and September, including credit cards’ information, could have been intercepted by the attackers.

This kind of data breaches are becoming more and more common despite efforts to combat them. Therefore, it is increasing the number of cyberinsurance policies being sold to cover such embarrassing situations, which could even drive a company to bankrupt. In fact, according to the Ponemon Institute, the number of companies covered by this kind of insurance products have increased from 10% in 2013 to 26% in 2014.

As mentioned, the computer "bad guys" are very clear about where they want to go and constantly open up new routes in that direction. Paradoxically, they sometimes benefit from the discoveries made by security researchers. BadUSB is a code that exploits a critical vulnerability in the USB firmware and allows hackers to install malware on the devices effectively undetected. Its creators did not want to publish it because it has a complex solution since it implies to update the whole USB standard. However, other researchers successfully reverse-engineered the code and published it on GitHub to pressure the industry to take action.

However, as users many times we hand our data on a plate to anyone who knows where to look. In fact, our smartphones are pocket computers permanently connected to the Internet, able to tell about us much more than we think. A study by the University of Trento has shown that by the combination of mobile users’s data and statistical information on their age, gender, social class, etc. it is possible to predict with 70% accuracy whether a particular area of ​​a city is going to be problematic.

Many people are unaware of the amount of personal information stored on their mobile devices until they loose them or they are stolen. Although manufacturers have developed several systems to block the device so a third party can not access such data, theft of smartphones is still an epidemic. Therefore Apple has launched a website that allows you to find out if an iPhone has been blocked by its rightful owner. It could be a very useful tool, for example, to verify if the device has been stolen when buying a second hand iPhone.

Has any of these stories moved you to think about the direction you have taken in terms of use of technology and personal data management? In that case, feel free to share the article with your contacts and follow us on our social channels (find the links at the right sidebar) or here on our blog.


Post a Comment