 |
|
|
|
© Business-Money.com Ltd 2013 |
|
|
|
IT professionals believe that the average child could crack most end-user’s passwords using social networking tools, according to the findings of a survey conducted by SecurEnvoy. The research, involving 300 IT professionals, found that children can now use social networking tools so proficiently that adults simply don’t stand a chance. Perhaps an even greater concern is that a virtual Aladdin’s cave of personal information is now available through social networking sites. The security industry concurs that just relying on a security question – such as asking you to enter your mother’s maiden name or identify the first school you attended – is woefully inadequate to defend against hackers; both those already practicing their craft, and the far superior younger generation about to enter the workplace. Andy Kemshall, co-founder and CTO for SecurEnvoy, said: “You just have to look at the various status updates, and the veritable goldmine of information on social networking sites to see how freely personal information is given away. For example, on Facebook, by labelling relatives, it wouldn’t take a genius to work out that Mrs Jane Brooks’ daughter Susan, whose uncle is Peter Jones, probably has a maiden name of Jones. Susan’s LinkedIn account will then tell us where she works, and probably includes her e-mail address. While many won’t be able to do any more with this information, someone wanting to attack Susan’s employer could log in, answer the secret question and reset her password to potentially get control of her credentials.” The study found that only 16% of security professionals believe using just a secret question for securing passwords is enough protection. What is concerning is that 21% confessed this was the practice within their organisation to reset passwords. That translates to 5% who know it’s a risk but do it anyway, and the other 16% are just naively playing with fire. Andy continued: “The IT professionals spoken to obviously have very real security concerns. But if we’ve got a problem today then what’s going to happen tomorrow when our technology-proficient kids also join in the games and enter the workforce? “We need to start getting serious about security today. To do that there are two things that need to happen; firstly, we need to educate everyone to make sure they realise exactly how much their online social habits are exposing. Secondly, organisations need to wake up to very real threat of inadequate security protection, such as password resets. Just like chip and pin has helped prevent in-person credit card fraud, apps and soft tokens as part of a two-factor authentication process is a very effective security measure. “If we don’t wake up to the risks and start taking security seriously, rather than being shocked that some organisation or other has been breached, it will become the norm and accepted as part of everyday life.” Other Business Money News
| ||||||||||||||||||||
Business
Money delivers news, reviews, research, comment and
analysis to financial intermediaries, bankers, lenders,
and SME decision makers and
supports these finance
professionals with timely, relevant and accurate market
intelligence and sources of business funding.
