The Pesky Human Factor in Password Resets and IT Security
Forgot your password? Call in-house IT support. They’ll ask you a couple of questions to verify your identity (maybe your date of birth, your favourite colour). Then they’ll reset your password and tell you what it is so that you can go and do that work that’s been piling up. Or so that you can […]
Hacking Yourself to Find Holes in IT Security Before Others Do
The more IT pervades businesses, the more IT-based tools hackers have to exploit vulnerabilities. If you want your company to stay safe, you may need to ‘attack’ yourself to find out where the weak points are and fix them to prevent others from breaking in. The following list of hacker tools and techniques will give […]
Where are the Holes? Turning IT Security Inside-Out
It’s an unfortunate truth. The holes in your IT security are most likely to be where you neither see them nor expect them. That means they’ll be outside the basic security arrangements that most organisations make. Firewalls, up to date software versions and strong user passwords are all necessary, but not sufficient. Really testing security […]
IT Security is Essential in the Cloud – But Which Cloud Do We Mean?
Clouds by definition are nebulous and vague. Their use in IT models and discussions goes back decades, long before the current cloud computing models. A ‘cloud’ was convenient shorthand for showing a link between a system on one side and a terminal or another system on the other. Today however, the concept has evolved. Not […]
Penetration Testing: How Many Shades of Grey?
Commercial enterprises know that the best way to maintain market leadership is to attack yourself. It’s the same in IT security if you want to maximize your resistance against hackers. A niche industry has grown up around penetration testing – or ‘pentesting’ for short. Providers in this sector offer their services for applying automated or […]
Is Seven the Magic Number for IT Security?
The number seven crops up in many contexts: the Seven Wonders of the World, the seven dwarfs, and now the seven levels of cyber security. Let’s start with the different levels of threats posed by hackers. In order of increasing severity, we have: script kiddies (hacking for fun); the hacking group (often the first level […]