I have been off writing for quite some time. I have been so overwhelmed by work and stress that I neglected something I enjoy.
I like writing my experiences and sharing with everyone, you might benefit from some of the stuff I write here.
If you do benefit, I will be happy at least I've helped someone.
I will be writing a series of posts about security, by no means I am an expert in security and what I will share are just my experiences, opinions and some advice. Once again I hope they will be useful to you in some way.
I understand there are many different reasons why people hack into systems and try to steal data or disrupt system. Companies trying to find out some plans, some projects, financial data market to give edge advantage. Government trying to keep an eye on enemy countries, hackers wannabe to show off, hackers trying to gain advantage and make money by stealing credit cards, steal your identity and many more.
As a whole we need to be alert, as an individual, as an employee and as a citizen. There is an infinite pressure to make services cheaper and 24x7. This means many companies will set up on-line services without considering and assessing the risks involved for the company and for the users of the these potential on-line services.
I believe the responsibility for security is complex, companies need to accept their responsibilities and securing their services and not taking the easy route, assuming and quoting probabilities. I can tell you this: If something has the potential to go wrong, it will go wrong. I have been in this industry for too long to know it is just a question of time, lack of attention and bad intention.
Just to give you an idea, few years ago a 6 characters was considered a strong password, for various reasons: a) Computer power was not that great b) Technology was not that developed c)Internet was limited to Universities pretty much d) Information did not travel so fast.
With every good thing, people twist and make it bad, Is the Internet bad or good, is dissemination of information bad or good? is 24x7 services a good thing or a bad thing? I can go on and on, but for each thing there will be voices in favour and voices against...
But as we connect and interconnect and we adequate to this new style of life 24x7, on-line and available immediately we must be aware of the danger which lives and resides in this new world.
The danger as we perceived has changed, we cannot see or even know our enemies most the time, sometimes we won't be able to even realise our information has been compromised until it is too late.
While it is hard and difficult to completely eliminate the danger of being hacked or having our sensitive data compromised, or our identity stolen we can certainly make it more difficult, right?!
In the next post I will talk about security awareness.
I hope you enjoy it and see you next
by Renato de Oliveira
No comments:
Post a Comment