Data Breaches are Based on Theft and Employees

With the ever increasing number of data breaches occurring throughout the world, studies are starting to get to the bottom of what has been causing them. In this article there seems to be three underlying themes that are causing vulnerabilities which lead to data breaches. These themes include basic employee errors, such as misusing corporate assets, theft or lost property containing sensitive data, and the introduction of BYOD. With the trend of bringing mobile devices into the enterprise many have policies to secure these devices, but most cannot enforce them. Read More

###

The PortalGuard software is an authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing, and compliance for your web and desktop authentication requirements. PortalGuard provides capabilities including multi-factor authentication, self-service password reset, password synchronization and single sign-on which can be seamlessly configured by user, group, or application.

http://www.PortalGuard.com

Subscribe to our newsletter: http://portalguard.com/contact_us.php

https://twitter.com/portalguard

http://pinterest.com/pistolstar/portalguard

http://www.facebook.com/pistolstar.authentication

http://www.facebook.com/pages/PortalGuard/240761992635169

HTTP Uh-oh! Look at the URL

When it comes to security awareness it is key to provide your employees with quick tips to use throughout their daily routine to help them be more security aware. One of the first that is easy to implement and have employees get in the habit of is taking a look at the URL before they type in credentials.

Many times there are misleading URLs and false websites created for the sole purpose of tricking your end-users and stealing their credentials. To an untrained eye it is easy to be fooled.

(Click Photo to Enlarge)

So the tip to give employees is to make sure to look for HTTPS in any URL where they are entering in credentials or accessing sensitive data. HTTP Secure (HTTPS) layers Hypertext Transfer Protocol on an encrypted SSL/TLS to ensure that information sent to the server is secure. This differs from the basic HTTP URLs which are not secure or encrypted and are subject to “man-in-the-middle” and “eavesdropping” attacks.

By users getting in the habit of looking for the more secure HTTPS you are more likely to prevent them from distributing valuable data over the network. This is a very strong method used best for financial transactions and internal portals.

Learn More:
PortalGuard – secure authentication
Wikipedia – explanation of HTTPS
Image Source: http://www.informatics.indiana.edu/markus/documents/security-education.pdf

The First Line of Defense is Your Employees

Many organizations overlook security awareness as an integral part of their security policies and success in preventing attacks. The fact is that it is your employees who hold the guardianship over your critical assets. By implementing security awareness training you can create the first line of defense against security breaches.

Although employees are conscientious of security requirements, their busy day opens up opportunities to put security on the “back burner”. Without the IT management implementing a strict security awareness training program employees are not as likely to pay attention to authentication best practices. Unfortunately as many IT managers/directors know implementing such a program can be very difficult.

One way to overcome the issues and hurdles in implementing such a program is to provide your employees with quick tips and authentication best practices to empower them to be more aware. These emphasized security tips can help employees throughout their day and better understand the risks associated with being unaware.

For more information on employee security awareness and implementing a training program please take a look at the following articles:

TechRepublic.com

SC Magazine.com

ComputerWorld.com

Federal Computer Week.com