Thursday

Why Information Security is Important


The security of personal information is something everyone should be concerned about (just read some of my stories on identity theft). Despite this, it seems that more and more cases of neglect by large organisations are appearing in the media.
Why?

If you read on. you'll find an article involving some of the world's biggest banks and lending organisations. American Express is one organisation I have had a specific bad experience with concerning security of data. As a result, I now refuse to deal with that organisation.
Read further on and you'll find an abstract of the excellent article 'creating a culture of security', as well as a link to it if you find it interesting.

Put simply, software out there enables hackers, and for that matter anyone at all, to recover just about any data from any hard drive. Everything is recoverable whether you use a software shredder or not. The only real way to be certain the information contained on hard drives is erased is to actually remove the drive and destroy it.

If a criminal, or even a novice, recovers your personal information like bank accounts, birth details, licences or social security particulars, they can steal your identity. It's a disgrace that this sort of thing is happening on a regular basis and people have become almost desensitised to it.
Technology cannot be relied upon anymore to be beyond the realms of the layman's knowledge. These days, most 12 year olds can search a hard drive.

'Government probe launched after details of one million bank customers found on computer sold on eBay'

The UK Daily Mail writes...

The eBay computer scandal which saw the loss of personal data on a million bank customers is to be investigated by the Information Commissioner.
The firms involved - the Royal Bank of Scotland, NatWest and American Express - have also promised to launch probes.
The Mail revealed today that the data was found on a second-hand computer sold for £35 in an eBay auction.
American Express said it was working 'as a matter of priority' to establish which of its card holders could have been affected.
A spokesman said: 'We have strict guidelines for suppliers around the security of information. We are currently working as a matter of priority to establish exactly what data is impacted and identify the card members who may be affected.'

As someone with a limit of more than £20,000 on his credit card, Christopher Tomlins was shocked to learn that NatWest has lost the information that could give anyone access to his account.
When told about the breach by the Daily Mail, Mr Tomlins, 32, said: 'It is like they have given my house keys to a stranger and then said, "Help yourself".'

Other UK Daily Mail Stories

'New data blunder as details of thousands of council taxpayers are found on £6.99 computer sold on eBay'

Personal details of council tax payers have turned up on a computer sold on eBay - a day after data on a million bank customers was found in the same way.
Thousands of bank account numbers, sort codes, names and addresses were stored on the hard drive owned by a borough council.
Further personal details were found including conversations about householders' divorces and family bereavements. The computer was sold on eBay to a Scottish computer expert for just £6.99.

Book Review: Privacy Lost


David H. Holtzman is a former security analyst, military code breaker, and Internet pioneer. His considerable experience and perspective of how technology threatens individual privacy is aimed at readers who are worried about snooping by entities ranging from the government to marketers.

Holtzman plainly outlines what he calls the "seven sins against privacy". He also details the trails we all leave behind that find their way into commercial and government databases. The book is divided into five sections: damage resulting from the loss of privacy, a historical overview, the legal basis of privacy, the mechanics behind snooping, and how to protect privacy.

The book is informative and sometimes frightening. It includes articles from newspapers and magazines regarding various privacy violations, as well as an overview of the gadgets that trace our every movement, from cell phones to global positioning systems, police surveillance cameras, and chips that can be hidden in books and clothing.

Create A Culture of Security
By Lee Hezzlewood at FT.com

We keep seeing news stories, in print, online and on television, about losses of people’s personal information by major organisations. Why do CDs containing names and addresses of millions of people get lost in the post? Why do bank details get sold with a laptop on eBay? How is this continuing to happen even after all of the publicity?

The simple answer is that many organisations don’t have a “culture of security”.

I’m not talking about having passwords or biometric security to control access to systems. I’m not talking about having swipe cards, and high fences to control physical access. I’m not even talking about the vetting of staff to check backgrounds and criminal connections. Most organisations which hold sensitive data already do most if not all of these things.

What I am talking about is engendering a culture of security with all staff – encouraging them to be aware of how security interacts with their day-to-day role, how they have a responsibility for the security of the information they work with, and how to protect that information and themselves.
As an IT Security Consultant, I get paid to be paranoid...





Sunday

How to Stay Safe on Trains


Riding on a train is something a lot of us just have to do. They can be uncomfortable, cold and noisey. They can also be a haven for dysfunctional people who prey on others.

Throughout the world, a lot of governments and private enterprise have started to employee security guards or electronic security, like cameras, to protect the patrons of public transport. However, this is often insufficient.

Like all crime, it seems countries all over the world suffer from the same type of animals who see trains as an opportunity to isolate and attack people. You'll find some stories from around the world as well as tips on how to be safe on trains in this article.

Australian Train Terror

Concerns over railway security have been raised after a 40-year-old woman said she was raped while travelling on a train near Wollongong, on the NSW South Coast.
There were no railway security guards on duty when the woman was attacked at 6.30am on Sunday, South Coast Liberal MP Shelley Hancock said today.
Ms Hancock said CityRail transit officers have not been rostered to work on the Sydney-Wollongong South Coast line for at least the past two weekends.
"I have raised issues of safety and security on the CityRail line for some time but last weekend no transit officers at all were rostered on the South Coast line and there were apparently none this weekend either," she told reporters in Sydney.
"So, in the light of that, we have the allegation of a rape of a 40-year-old woman travelling in the morning at 6.30am...


Read the full article

Japanese Train Rape


Police have served another arrest warrant for a 36-year-old man already on trial for a similar rape earlier this year.
Takamitsu Uezono, a demolition worker from Shiga Prefecture, has admitted to raping a woman aboard a train last August, police said Sunday.
Police linked Uezono to the August rape through their investigation of a similar incident on a train this January in Shiga. Uezono is currently standing trial for the January rape.

Read the full article

Indian Disgrace

The rape of a 13-year-old girl in a suburban train in Bombay in the presence of five commuters has shocked police and raised questions over the safety of women in late-night trains in India's financial hub.
In the incident, which took place in the last train bound for Borivli suburb last Tuesday, drunk labourer Salim Khan allegedly assaulted the mentally-disabled girl in a second class compartment.
The violent act was witnessed by five commuters, including a prominent journalist from one of the leading dailies in the country, who were travelling in the same compartment.
"There were five of them in the train. All they had to do was to pull the chain in the train or shout at earlier stations such as Malad and Kandivli where the train halts," said Rakesh Maria, commissioner of railway police.
The journalist, Ambarish Mishra of the Times of India, said he tried to stop the rape but was threatened with being thrown out of the moving train by the attacker.


Read the full article

Safety Tips When You're on a Train

Having a personal alarm or pepper spray for protection is not a bad idea, but you need to check the legality of such items where you are- Some phones are now being marketed with their own personal alarms.

Never get on the empty car, you need to stay with other people just in case. Try to ride during peak hours rather than quiet times. It might be crowded but there's less chance of an attack. If the train is empty, ride closest to the driver.

Keep personal items in your lap or close by.
When you get on a train, look around and check for an emergency cord or help button. It's a good idea to know where these things are before you need to use them.

While waiting, don't start talking on your phone. Thieves know you're a great target because your mind is on the conversation you're having, not on what is happening around you. Get off the phone and stay alert.
Trust your senses. If you ever feel like something is not safe, like a dark train stop, wait for a stop that is busy and get off there. Change your seat if you feel like someone is watching you.

Most important of all. If you experience any problems protect yourself first, as your property can always be replaced but you can’t.

Self Defence

Many people turn to self defence implements or skills to stay safe. Learning a martial art can be expensive but rewarding. It can also boost your confidence in everyday situations like communicating with people.

Another way to defend yourself is by using an implement. Pepper spray and other sprays like Mace are very common.

Pepper spray is an inflammatory made up of capsicum. It causes immediate closing of the eyes, difficulty breathing, runny nose, and coughing. The duration of its effects depend on the strength of the spray but on average lasts around thirty to forty-five minutes, with diminished effects lasting for hours.

Pepper spray comes in aerosol canisters and the legalities of its use vary all around the world.

In Canada all products with a label containing the words pepper spray, mace, etc, or otherwise originally produced for use on humans are classified as a prohibited weapon. Only Peace Officers, and individuals/corporations who have special government permits may legally carry or possess pepper spray. Any similar canister with the labels reading "dog spray" and/or "bear spray" may be legally carried by anyone. The legality of using spray intended for animal deterent on a person would be decided in court on a case-by-case basis.

In Germany pepper sprays labelled for the purpose of defense against animals may be owned and carried by anyone. Such sprays are not legally considered as weapons. Carrying it at (or on the way to and from) demonstrations may still be punished. Sprays that are not labelled "animal-defense spray" or do not bear the test mark of the Materialprüfungsanstalt(MPA) (material testing institute) are classified as prohibited weapons. Justified use against humans as self-defense is allowed. CS sprays bearing a test mark of the MPA may be owned and carried by anyone over the age of 14.
Add to Technorati Favorites