Comments for “Protect yourself from one of the easiest ways people can steal your personal data in public”

One thing to keep in mind is that firms that process PII or other sensitive data may restrict staff that access these systems from working remotely.  In particular, financial firms often have sophisticated monitoring programs that may not work for remote users.

Wade Mackey

 

One thing to keep in mind is that password keepers and the browser function to remember passwords have their own vulnerabilities that can resut in an attacker taking advantage of these.

Wade

 

Is it me or does it seem like we are accumulating more and more passwords everyday.  From work to school to our personal life, we are constantly creating new accounts and passwords that we have to remember.  The world is online and with it a requirement to create an account with every site you visit.  We have accounts for basically everything we need; online banking, shopping, gaming, social networks, educations, mobile apps, loans, mortgages, and privileged account for systems at work.  How do we remember it all? As a student in the ITACS program, we know better than to write it down or even worst, put it on a sticky note under our laptop.   Fortunately for us, some systems may have Single-Sign on, like mobile apps where you can sign on using your Facebook account, or Two-Factor Authentication where we have to carry a physical device. At the end of the day we still have to remember some passwords and of course we do not want to use the same passwords for every account.  To add on to this problem, passwords requirements are becoming more complex.  Rules such as 1 upper case, 1 lower case, special characters, and no dictionary words makes it even more difficult to remember passwords.

There are programs out there like Secure Password Manager, or Keeper that allows you to store your passwords with another password which doesn’t seem to solve our issue.  What happen if these service providers get hacked, now all of our accounts are at risk.  I’ve recently read an article that made REMEMBERING password a little easier.  It basically said to think of a sentence and use that sentence to help create a password that you can remember while meeting password criteria.  For example: I bought my daughter first dog for 200 dollar .  My password would be “Ibmd1stdf200$”  By using the first letter of each word and replacing first with “1st,”  I am able to create a password that meets all the password criteria.  It’s a simple tip, but I never thought about it until I read this article.

Please see the article for more details: http://www.businessinsider.com/hacker-strong-pass-2016-5?pundits_only=0&get_all_comments=1&no_reply_filter=1

It becomes a common approach for many large organizations to allow people to work remotely. In fact, companies from industries such as: IT Health Care, Manufacturing, Finance etc. have adopted this method to give certain people the freedom to work conveniently. It is nice for an organization to provide freedom for its workforce; however, security represents a major con to that strategy. This is when it becomes crucial to teach those particular workers the best ways to protect PII or PHI while in public. Most security people are so focused on sophisticated ways to protect software and application programs that they often times neglect about physical protection for laptops. Physical protection is the area of focus of this article as it explains in details the benefits and side benefits to ensure privacy and data protection while working on the road.

 

The article can be accessed via this link below:

http://www.businessinsider.com/protect-yourself-from-one-of-the-easiest-ways-people-can-steal-your-personal-data-in-public-2016-9

 

Hi all,

I found this video on Lynda.com and it’s a pretty good tutorial on configuring a cisco switch and setting up VLANs.  It’s not long and broken up into short segments. Definitely helped me with understanding the reading for week 2.

cisco 2950 switch video

Bilaal

 

Article: Students can use the dark web to cheat their way through school

Link: http://www.businessinsider.com/students-can-use-the-dark-web-to-cheat-their-way-through-school-2016-8

I work in education, K-12 and this article is a constant reminder to me on how students are constantly one step ahead of us.   Sure, I know some of the kids in the schools who have a interested in computers, and some I have actually taken under my wing and worked to provide them proper resources to explore their passion.   Years back I had a student who used a USB key to boot a teacher workstation and hack the SAM to get the local administrator password.   The student didn’t do anything with it, but showed the teacher what he had done.   Kind of a, “hey, look how smart I am” gesture.   So, we put that student into an independent study program for computer networking, and to this day, I still keep in touch with the student who is now in college.  

But this offers a whole new level of hacking.  Not only am I on the lookout for those students who will tinker and hack themselves, but any student can pay for the service, if they want to take advantage of it.   Security is a constant life of catch up.   We can’t fix an issue, until we know it’s an issue and we are constantly chasing after the next generation of kids who know more then us.   And kids sometimes have nothing better to do than sit in class and “tinker”.

This is just plain and simple fact.  At my school, we work very hard to educate students about the rights and wrongs of use.   I can attempt to stop as much unethical behavior as I want, but the reality is that I can’t.   So, education on what is the proper use is paramount!    But at the end of the day, we can make it tough for students to cheat/hack/etc, but anyone intend on real harm can either do it themselves if they have the skill, or hire a professional to get it done!

 

https://community.mis.temple.edu/itacs5211fall16/2016/09/01/3158/

Welcome to Ethical Hacking