Security measures need to be applied today at or near ones information systems.
http://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_cybersecurity_nov-2013.pdf
When Adobe was attacked last October, The NY Times reported that there was evidence people may have shown passwords for bank accounts, email, Facebook and even garage door codes.
From <http://bits.blogs.nytimes.com/2013/11/12/adobe-breach-inadvertently-tied-to-other-accounts/>
We can all be careless when we fall into a routine. It is natural to forget to be on guard, when you are at work. but the concerns are very real if not addressed. Before Target’s disclosure and now E Bay’s these were some of the important the questions and some potential answers that everyone needs consider:
1. How does the company determine what are the best practices for its industry?
2. What is the company’s present state of conformity to those practices?
3. What is the company’s plan and schedule for achieving full conformity?
4. How is the company ensuring that its best practices are improved and updated in response to evolving threats?
By making a careful inventory of the people, processes and things that make up their information system companies have the best security.
- Consumer, vendor and company people that access information systems need auditing and training.
- Processes, what interfaces does your business expose with its processes.
- Things, are the easiest, yet a huge number of endpoints are vulnerable because of up front expenses
When one compares the upfront cost with the potential price of doing nothing, why are businesses and the people who staff the waiting. Act now.
Recommendations: Lock-down the potential breaches before they happen. Have managed security on each devices. Control Internet traffic through use of the latest fully tested technologies. And the most important recommendation is explain written policies to everyone using your systems.
Finding: Use our third-party audit and continuous improvement processes to have well managed an effective cyber-security culture than with best practice security measures all with little or no effort.
