Read the attached chapters and the articles below and write 1 page on: "Social engineering may be one of the biggest problems faced by firms that want data security. While technologies exist to do many things, such as continuous control monitoring and continuous auditing tools, the 'people' element may undermine the operation of these tools. There have been some famous 'fails' in which highly respected, very computer-security-aware organizations were humiliated because of the weakest link in an otherwise very strong chain.
That weakest link is the human element. People are gullible, of course. But people also rely extremely heavily, of necessity, on other people for information. It is simply impossible to expect individuals to verify everything that they hear even in the course of one day, let alone verify everything day after day. There's just not world enough and time. Below are links describing some 'famous fails'. What are your thoughts on what can be done to deal with this weak link? Find suggested remedies on the Internet. Describe and explain the suggested remedies. Also comment on how vulnerable you think you would be to these issues. The links are:
And the second page on: "Technology and its impact on our lives is no longer simple, or at least not as simple as we might prefer. Technology, though, has invested our daily lives. We carry extremely advanced technologies in our pockets: those ubiquitous phones (whether 'smart' or not), credit cards with or without 'chips' to hold our identification information, our iPads, Kindles, Nook readers, or any Windows or Android-based tablets. Accordingly, we all live with the threat that at some point, on some day, we will drop our cell phone on a bus or subway or leave it behind in a restaurant or on a park bench.
Happily, these machines can be password protected. On an iPhone, for example, you can enable either a 4-character password or a 10-character password. It seems that nothing can go wrong if you lose your phone, that your data will be protected from other eyes. But will it? Are there ways AROUND the password protection? Are there entry points to the world of logons and passwords that you have entered into your phone because you use a variety of devices to access the Internet or because you don't trust password managers like Dashlane or KeePass?
After all, despite what these password manager providers say about themselves and how they conduct their business, what do we really know about their operations? Is our data kept locally, only on our own machines? Is it uploaded to the password manager websites for transfer, for example, if we use Dashlane on multiple machines? Is it encrypted on our own devices (phones)? Is it encrypted on the Dashlane or KeePass server while awaiting update to another of our devices? Is the transfer of the data from our device to the Dashlane server and back down to our other device encrypted? AND how strong is the encryption used? There have been some famous fails in the last few years in which a company promised encryption of the data but (a) it was not encrypted, or (b) it was not encrypted using the best-so-far encryption methods, or there was some other fail (e.g., TrueCrypt. Go figure that mystery disappearance out!).
Given the Snowden revelations, can we be sure that there is not some hidden backdoor somewhere in the encryption methods used? Look up the NIST saga of last summer, the RSA saga of last summer, and, a bit more tangentially, the RSA hacking of several years back. And finally, on this note, who keeps the encryption key? Is it kept solely on our own devices and not transferred to the service provider's server? There's been a running controversy about Apple's iMessage. Apple has claimed that iMessage messages are encrypted from the time they leave your phone to the time they get to the iMessage recipient's phone, and that Apple does not have the ability to read the messages, that is, that they do not have the ability to decrypt the messages. Do you believe them? Can you find stories on the Internet that shed light on any of the issues addressed in this discussion thread?
Even if there are no ways around the password protection, doesn't that mean that if we forget our passwords we ourselves lose access to our data? The more complex the password is, the more difficult it is to break, but the more difficult it is to remember. Often, therefore, we opt for easier passwords. We can remember them more easily. But they can be cracked more easily as well. What that of course means is that if we lose our phone, we may soon lose our passwords to our banks, etc., to whoever found the phone and knows how to crack passwords. However complex the passwords that we use for our financial institutions are, our ability to protect them relies on both keeping physical and logical control of our phones AND having a password strong enough to deter or defeat a 'cracker.' But then we can't remember them either, perhaps. There are biometric (e.g., fingerprint) readers that may help secure your data, as on the iPhone 5s. But are these enough, or do they provide a false sense of security (e.g., see http://nakedsecurity.sophos.com/2013/09/22/chaos-computer-club-claims-to-have-cracked-the-iphone-5s-fingerprint-sensor/)?
Think about things you've encountered while scrolling across the web, being asked to create accounts with passwords. Where do you store them? How do you remember them? And consider the prompts along the lines of 'If we need to reset your password at your request, we'll ask you some questions. Please provide us with your birth date, the high school you attended, etc.' Now think of the last time you surfed Facebook. How many people provide their birthdays? The high school they attended, etc.? Put it all together.
Assignment: Please find resources (links) across the Internet detailing stories of this kind. Provide your reflections on these stories as if you were a CIO (Corporate Information Officer), or the like. What does this tell you about corporate data security? Some links are: