Don’t Save Your Passwords on a Public Computer

Recently, I took a look at my laptop computer to see how other people use the system when I’m not watching. It’s not really a “public computer” but my friends do tend to congregate around one system or another when they visit my home or when I visit theirs. After examining the laptop, I came to realize that people tend to freely give up their passwords when using browsers such as Firefox and Internet Explorer. Many web browsers have a feature that allows you to store your usernames and passwords on the system. But many people tend to forget that they should never save their usernames and passwords on public computers.

The Problem with Public Computers

A true public computer is one that you would find in a library, mall, hotel, or airport. They are generally used by people to check up on their email when they are on the go or just to browse the internet. The problem with public computers is that they are used by everyone – the good guys and the bad guys. Public computers are a welcome convenience for many people; however, there are some security risks that you should be aware of before you use one.

Saved Passwords: This is the main problem that actually got me started on writing this article. I noticed that several of my friends had inadvertently saved their passwords to my laptop when they were using the system. I have password saving turned on in Firefox, but have it disabled in Internet Explorer. I went through the saved passwords in Firefox and noticed that I had just about everybody’s usernames and passwords for common websites such as MySpace and Facebook.

Keyloggers: There are many unscrupulous people out there. Even if you don’t save your password on a public computer, they can still get your password using a keylogger. Although far less common, it does happen. A friend of mine in Texas had his World of Warcraft account cracked into and later discovered that he had a keylogger installed on his computer. He has since taken extra steps to prevent that from happening again. Keyloggers record every keystroke on a computer system – usernames, passwords, IM conversations, documents, and basically everything else.

Prying Eyes: I’m sure you’ve all seen the commercials on TV with McGruff the Crime Dog and the people getting their credit card information stolen at the store. The same thing can be true for public computers – that guy standing behind you may be looking over your shoulder as you type in your personal information. A cell phone camera can record your keystrokes just as easily as a keylogger.

Failing to Log Out: When you walk away from a computer, you may leave up several browser windows – but it only takes one for someone to gain access to your personal accounts and extract your information. Just walking away from a computer for a couple of minutes can give someone enough time to gain access to your personal information. For example, you could be sitting at a library computer and need to print off an email you received from a family member. While you’re walking over to the technology desk to pick up your paper, someone could easily sit down and gain access to your account.

Be Safe on Public Computers

The best advice I can give someone when using a public computer is plain and simple –

Don’t use a public computer!

However, there are circumstances that may require you to use one despite my best efforts to keep from using one. These same rules can apply when you’re using a friend’s computer or a computer at work.

Don’t Save Passwords: Don’t save your passwords on a public computer. You’re just asking for trouble if you do.

Don’t Type in Passwords: To keep from getting burned by a keylogger, don’t use a public computer to access secure websites.

Watch Around You: If somebody seems a little shady, then they probably are. Don’t allow someone to see what you’re typing into the computer.

Log Out and Close the Browser: If you did log in to a secure website, make sure that you log out of the website and then close the browser.

A Word on Saved IM Logs

Most people don’t even realize it, but many instant messaging (IM) programs have a feature that saves each and every conversation you have with your friends. IM logs are used in all of the common IM programs such as Yahoo Messenger, MSN Messenger, and AOL Instant Messenger. You can turn these logs on and off, but you should be aware that your conversations are recorded, just like with a keylogger. When using a public computer, don’t use an IM program or else you could compromise your personal conversations.

Change Your Passwords

After using a public computer, change your passwords in case your information has been compromised. Also, don’t use simple passwords such as “123456” or “password”. PC Magazine released its Top 10 Most Common Passwords and, oddly enough, many people still continue to use these passwords. If you’re using a password from that list, I suggest you choose another one that is not on the list.

Manage your Passwords in a Secure Way

Norman A. Rubin

In these modern times, numbers and words play an important role in our daily lives. Numbers are important because they give us our telephone and cell phone numbers, our driving license, and the code number for the electronic device that opens the door to the office. Numbers are important in remembering our bank account number when we punch it in at the ATM in order to get a bit of cash – no correct data, no money. And if you forget that you had renewed your credit card and punch in the wrong secret number, there will be a long wait in line at the teller to cash a check. Numbers are important when you visit the land of red tape to conduct official business: a helpful clerk will greet you pleasantly and then ask, “File number please!” – then silence while you try to remember where you had written it down, most probably on a scrap of paper jammed in your coat pocket. Words are equally important when used as passwords to our computer sites.

Passwords Don’t Have to Threaten Business Security

The emergence of the World Wide Web as a global, around the clock marketplace has opened a multitude of new opportunities to businesses which have never before been seen. Computers and global communication networks have brought vendors, customers and markets together in new and beneficial ways. Along with all of the benefits which business has gained from the information age come some downsides. New crimes have not been created by new technology, but rather new technology has given new tools to criminals to commit the same crimes as they always have. The difference is that criminals now have a global reach, just as businesses do. In the U.S. at least, the responsibility for protecting consumers from having their personal information pilfered is placed upon businesses.

While some will blame the computer itself for crimes involving identity theft, it is usually not the computer but rather the way in which the victim has made use of it which is at issue. Their lack of attention to network and computer security has offered access to criminals – right into their home or business. After all, if we never lock our doors, would we blame the contractor who built our home for a burglary? In a corporate environment, it is typically employees, including IT staff, who are really at fault.

About 70% of data breaches at businesses can be laid at the feet of people within the company. Employees using weak passwords or making the egregious mistake of writing down their passwords in plain view allow unscrupulous employees and others easy access to company information. Employees know that the quickest way to find a password is to sit at someone’s desk; quite often, employees will tape passwords on notes on the monitor, to the desk (or underneath it) or in desk drawers, often simply labeled “passwords” or worse yet, on the desktop of their computer in an unencrypted document. Keep in mind that if a security breach happens through the use of a legitimate user name and password, it is very difficult for your IT staff to catch. Poor password management on the part of your employees can give criminals complete access to sensitive corporate data.

IT departments try to reduce the risk of data breaches through the implementation of stronger security policies. There are six basic rules of password security which they commonly use. These are:

LENGTH – Passwords should always be at least eight characters long. The longer, the better as long as you can remember your password.
RANDOMNESS – A password should be difficult to guess. Use combinations of numbers and letters; words, dates and so on.
COMPLEXITY – Employ a mix of numbers, punctuation marks and lower and uppercase letters in your passwords.
UNIQUENESS – Use a unique password for each user account.
ROTATION – Passwords should be changed every two to three months.
MANAGEMENT – Never let anyone see your password. And never, ever write it down.
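
As an added illustration (not part of the original article), here is how five of the six rules could be checked automatically over a list of stored credentials, the way a password manager's audit feature might. The `Entry` record, the 90-day limit (taken as the upper end of "two to three months"), and the sample vault are assumptions made for this example; the MANAGEMENT rule is about behaviour and cannot be checked in code.

```python
import string
from dataclasses import dataclass
from datetime import date, timedelta

MIN_LENGTH = 8                 # LENGTH: at least eight characters
MAX_AGE = timedelta(days=90)   # ROTATION: assumed upper end of "two to three months"
# RANDOMNESS: a tiny stand-in deny list; a real audit would load a much larger one.
COMMON_PASSWORDS = {"123456", "password"}


@dataclass
class Entry:
    """One stored credential (hypothetical record layout for this example)."""
    account: str
    password: str
    last_changed: date


def check_entry(entry, today):
    """Return the names of the per-password rules that this entry violates."""
    pw = entry.password
    failed = []
    if len(pw) < MIN_LENGTH:
        failed.append("LENGTH")
    if pw.lower() in COMMON_PASSWORDS:
        failed.append("RANDOMNESS")
    # COMPLEXITY: lowercase, uppercase, digit and punctuation must all appear.
    has_all_classes = (
        any(c.islower() for c in pw)
        and any(c.isupper() for c in pw)
        and any(c.isdigit() for c in pw)
        and any(c in string.punctuation for c in pw)
    )
    if not has_all_classes:
        failed.append("COMPLEXITY")
    if today - entry.last_changed > MAX_AGE:
        failed.append("ROTATION")
    return failed


def audit(entries, today):
    """Map each account name to the list of rules it violates.

    UNIQUENESS is a property of the whole vault, so reuse is detected by
    grouping accounts by password before the per-entry checks run.
    """
    accounts_by_password = {}
    for e in entries:
        accounts_by_password.setdefault(e.password, []).append(e.account)

    report = {}
    for e in entries:
        failed = check_entry(e, today)
        if len(accounts_by_password[e.password]) > 1:
            failed.append("UNIQUENESS")
        report[e.account] = failed
    return report


# Constructed sample data, not real credentials.
TODAY = date(2024, 6, 1)
SAMPLE_VAULT = [
    Entry("webmail", "123456", date(2024, 5, 20)),       # short, common, digits only
    Entry("bank", "Tr4il-Mix!92", date(2023, 11, 1)),    # strong but stale
    Entry("forum", "Qz7#mLp2", date(2024, 4, 15)),       # reused on "shop"
    Entry("shop", "Qz7#mLp2", date(2024, 5, 1)),         # reused on "forum"
    Entry("vpn", "g8!Rw2^kTn0s", date(2024, 5, 10)),     # passes every check
]

if __name__ == "__main__":
    for account, failed in audit(SAMPLE_VAULT, TODAY).items():
        print(f"{account:8} {'OK' if not failed else ', '.join(failed)}")
```
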

The conflict going on here is between IT departments and other employees. As IT departments make security measures more complex and difficult for employees, employees adopt weaker security habits to make access easier for themselves. Employees will nearly always forgo security for the sake of convenience.

One way to avoid this conflict is to adopt token-based password management. These sorts of systems include:

Security:
o PIN protected smartcards which lock data after a predetermined number of failed attempts at access.
o Passwords are never stored in computers, where hackers and snoopers can find and use them.
o Passwords can be as long as 20 characters, with all 96 possible characters on the keyboard being available to use.
o Each website, encrypted file and network can (and should) have its own unique, complex password.
o Since your passwords are never typed in, a keylogger cannot record them.
o The card can be encrypted so that only the software used to manage the cards can access the data on them.

Convenience:
o The management system for these cards can handle logins for different accounts, files, applications and networks.
o The management system can launch a web browser, navigate to the appropriate login page and take care of authentication, all with a double click.
o Users never have to remember (or type) passwords.
o Users will have their passwords on them at all times.
o These cards can be carried in a wallet or even used as an employee ID badge.
o Passwords will not be written or stored where they can be found.
o Cards can store over 100 different passwords and their associated account information.
o Login sites are saved to the card.

Portability:
o Passwords are available to users at any workstation once their smartcard is inserted.
o The card can be used in the office or at home or from another remote location. These sorts of smartcards are great for students and others as well.
o Smartcards are ideal for employees who work remotely but need secure access to the company network.

It takes more than just a password to make your network secure, but with the use of security tokens, passwords are no longer the weakest link in a company’s security scheme. Tokens have been developed by security companies for a variety of different applications – companies can evaluate these offerings on the basis of form, usability, the amount of modification which will be required in their infrastructure, ease of installation and, of course, cost. Some smartcards offer advanced security but also mean that a lot of back-end server work must be done in order to implement them. Others are easy to set up and use, but are a risk if they are lost or stolen.

Business owners are required by the Privacy Protection Act to keep customer data secure. While no one security measure can provide total security, proper password management should be part of every company’s overall security strategy.

“May your data be secure and your identity be your own.”

Read more on Passwords Don’t Have to Threaten Business Security…

Passwords Don’t Have to Threaten Business Security

The emergence of the World Wide Web as a global, around the clock marketplace has opened a multitude of new opportunities to businesses which have never before been seen. Computers and global communication networks have brought vendors, customers and markets together in new and beneficial ways. Along with all of the benefits which business has gained from the information age come some downsides. New crimes have not been created by new technology, but rather new technology has given new tools to criminals to commit the same crimes as they always have. The difference is that criminals now have a global reach, just as businesses do. In the U.S. at least, the responsibility for protecting consumers from having their personal information pilfered is placed upon businesses.

While some will blame the computer itself for crimes involving identity theft, it is usually not the computer but rather the way in which the victim has made use of it which is at issue. Their lack of attention to network and computer security has offered access to criminals – right into their home or business. After all, if we never lock our doors, would we blame the contractor who built our home for a burglary? In a corporate environment, it is typically employees, including IT staff who are really at fault.

About 70% of data breaches at businesses can be laid at the feet of people within the company. Employees using weak passwords or making the egregious mistake of writing down their passwords in plain view allow unscrupulous employees and others easy access to company information. Employees know that the quickest way to find a password is to sit at someone’s desk; quite often, employees will tape passwords on notes on the monitor, to the desk (or underneath it) or in desk drawers, often simply labeled “passwords” or worse yet, on the desktop of their computer in an unencrypted document. Keep in mind that if a security breach happens through the use of a legitimate user name and password, it is very difficult for your IT staff to catch. Poor password management on the part of your employees can give criminals complete access to sensitive corporate data.

IT departments try to reduce the risk of data breaches through the implementation of stronger security policies. There are six basic rules of password security which they commonly use. These are:

LENGTH – Passwords should always be at least eight characters long. The longer, the better as long as you can remember your password.
RANDOMNESS – A password should be difficult to guess. Use combinations of numbers and letters; words, dates and so on.
COMPLEXITY – Employ a mix of numbers, punctuation marks and lower and uppercase letters in your passwords.
UNIQUENESS – Use a unique password for each user account.
ROTATION – Passwords should be changed every two to three months.
MANAGEMENT – Never let anyone see your password. And never, ever write it down.

The conflict which is going here is between IT departments and other employees. As IT departments make security measures more complex and difficult for employees, they use weaker security habits to increase the ease of access for themselves. Employees will nearly always forgo security for the sake of convenience.

One way to avoid this conflict is to adopt token based password management. These sorts of systems include:

Security:
o PIN protected smartcards which lock data after a predetermined number of failed attempts at access.
o Passwords are never stored in computers, where hackers and snoopers can find and use them.
o Passwords can be as long as 20 characters, with all 96 possible characters on the keyboard being available to use.
o Each website, encrypted file and network can (and should) have its own unique, complex.
o Since your passwords are never typed in, a keylogger cannot record them.
o The card can be encrypted so that only the software used to manage the cards can access the data on them.

Convenience:
o The management system for these cards can handle logins for different accounts, files, applications and networks.
o The management system can launch a web browser, navigate to the appropriate login page and take care of authentication, all with a double click.
o Users never have to remember (or type)passwords.
o Users will have their passwords on them at all times.
o These cards can be carried in a wallet or even used as an employee ID badge.
o Passwords will not be written or stored where they can be found.
o Cards can store over 100 different passwords and their associated account information.
o Login sites are saved to the card.

Portability:
o Passwords are available to users at any workstation once their smartcard is inserted.
o The card can be used in the office or at home or from another remote location. These sorts of smartcards are great for students and others as well.
o Smartcards are ideal for employees who work remotely but need secure access to the company network.
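
The Security points above can be made concrete with a small model. The following Python sketch is an added example, not code from the original article or from any vendor's product: `SimulatedCard`, the three-attempt lockout threshold and the four-digit PIN are assumptions, and the alphabet is Python's 94 printable non-space ASCII characters rather than the 96 the list quotes.

```python
import hmac
import math
import secrets
import string

# 94 printable, non-space ASCII characters (assumption; the article counts 96).
ALPHABET = string.ascii_letters + string.digits + string.punctuation
PASSWORD_LENGTH = 20   # maximum length quoted in the Security list
MAX_PIN_FAILURES = 3   # assumed lockout threshold


class CardLocked(Exception):
    """Raised once the failure counter has reached the lockout threshold."""


class SimulatedCard:
    """Toy in-memory model of a PIN-protected credential card (hypothetical)."""

    def __init__(self, pin: str):
        self._pin = pin.encode()
        self._failures = 0
        self._entries = {}  # site -> password

    @property
    def locked(self) -> bool:
        return self._failures >= MAX_PIN_FAILURES

    def _unlock(self, pin: str) -> None:
        if self.locked:
            raise CardLocked("card is locked; no further PIN guesses accepted")
        # Constant-time comparison avoids leaking how much of the PIN matched.
        if not hmac.compare_digest(self._pin, pin.encode()):
            self._failures += 1
            raise PermissionError(f"wrong PIN ({self._failures}/{MAX_PIN_FAILURES})")
        self._failures = 0  # a correct PIN resets the counter

    def enroll(self, pin: str, site: str) -> None:
        """Generate and store a unique random password for one site."""
        self._unlock(pin)
        self._entries[site] = "".join(
            secrets.choice(ALPHABET) for _ in range(PASSWORD_LENGTH))

    def password_for(self, pin: str, site: str) -> str:
        """Release the stored password for a site after a correct PIN."""
        self._unlock(pin)
        return self._entries[site]


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Bits of entropy in a uniformly random password of the given length."""
    return length * math.log2(alphabet_size)


def pin_guess_probability(pin_digits: int, attempts: int = MAX_PIN_FAILURES) -> float:
    """Chance of guessing a uniformly random numeric PIN before lockout."""
    return attempts / 10 ** pin_digits
```

The lockout is what lets a short PIN guard long passwords: a finder of the card gets only `MAX_PIN_FAILURES` guesses, while each stored password carries about 131 bits of entropy against guessing at the website itself.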

It takes more than just a password to make your network secure, but with the use of security tokens, passwords are no longer the weakest link in a company’s security scheme. Tokens have been developed by security companies for a variety of different applications – companies can evaluate these offerings on the basis of form, usability, the number of modifications required in their infrastructure, ease of installation and, of course, cost. Some smartcards offer advanced security but also mean that a lot of back-end server work must be done in order to implement them. Others are easy to set up and use, but are a risk if they are lost or stolen.

Business owners are required by the Privacy Protection Act to keep customer data secure. While no one security measure can provide total security, proper password management should be part of every company’s overall security strategy.

“May your data be secure and your identity be your own.”
