Thursday, March 12, 2015

There is no 100% secure and foolproof system

It is the eternal fight: how to find the balance between security and business. Shall we secure what is in production? Shall we produce new features, even when it carries new security and privacy issues, both new and old systems? Even time is money. Fortunately, both worlds seem to be joining.

At the beginning of the week some banks decided to block by default Apple Pay payments. Today we know something new: more than a potential security breach at Cupertino, it was the picaresque of crime industry, taking advantage of ease and accessibility from Apple Pay when digitizing cards for using this payment gateway with stolen bank accounts.

David Sopas from WebSegura reported recently that he found two security breaches on Facebook: reflected file download. One of them allows to upload files to social network servers. The second one is a possible attack against users. Yes, it is really hard to find midpoint between security, customer demands and the pressure of competence pressure.

Next issue treast just this question: pressure. Trustwave has concluded that IT dept. and IT professionals pressure will increase further and further, because of C-level managers and executives at large companies. It was seen in 2014, and we will see it also in next years, as long as security becomes one business pillar.

That also involves external and internal systems securization, and training other employees, especially in between the company managers. Securing users with greater privileges is critical for business developing, and above all to avoid future security breaches... ie, economic losses.

Once again: a real hard balance. There is no 100% secure system, and information lifecycles make it harder for everyone the find of this holy grail.


Post a Comment