7. Who do you trust?
The emerging computing model of melding private and public clouds makes the most sense. Again, you need to have tight control over vital information. If you are going with a cloud vendor, how much control can you exert over the vendor’s IT infrastructure? Can you tweak it to your specs or do you have to take what is offered?
8. Don’t confuse consumer with corporate requirements.
Google applications are great for sharing the little league roster and schedule or a list of your favorite BBQ joints. Those applications are not so good for sharing your corporate financial projections. Use the right tool for the job (and Google apps can’t be hosted in your company).
9. Learn from the mistakes of others.
Your company is not Twitter, but that doesn’t mean you are not a target of the hacking community. Your most important corporate information may be being shared right now on Web-based services. Do you know, have you asked the execs in your company if they are using Google and other shared cloud applications? I’ll bet you’d be surprised by the amount of information going around the cloud.
10. Use strong passwords and change them regularly.
Maybe you can’t stop corporate information from leaking to the cloud, but at least give your co-workers some good advice in using strong passwords that are difficult to hack. Google has some tools to help in this and has sensible limits on the number of access attempts you can make before you are shut out. Use the capabilities that are present in the cloud community even if they are not up to your standards.
Page: 1 2
Elon Musk firm touts cheaper EV models, as profits slump over 50 percent in the…
Bad news for Tim Cook, as Counterpoint records 19 percent fall in iPhone sales in…
TikTok pledges to challenge 'unconstitutional' US ban in the courts, after President Joe Biden signs…
British regulator invites feedback on major partnerships Microsoft and Amazon have struck with smaller AI…
Another 20 staff have been fired by Google over Israel protest and their “completely unacceptable…
Censorship row brewing down under, after the Australian Prime Minister calls Elon Musk an 'arrogant…
View Comments
Arrggg?ARE WE BRAIN DEAD?
The existing user id / password system is an ancient method that was developed for fixed computer systems such as servers, desktops and people needed mobility of account access and people had just one or two accounts to manage.
It is totally a different situation today? People register to tens and possibly hundreds of accounts in their short online lifetime.
And having to define a different user id and password for each of these accounts is simply crazy to expect. And then to give away my mothers maiden name, pets name, my favorite restaurant, etc to a online website that can get hacked can not only compromise my online accounts but also my real accounts such as bank accounts where these are used many a time.
IT IS SCARY?..
I have not used social networking sites much and have switched from one to another regularly. I was on orkut, then got bored and switched to LinkedIn which sounded more professional and now use FaceBook regularly and come to think of it, I use the same password for all of these.
IT IS EVEN MORE SCARY NOW?.
And this thought did not cross me nowoeit happened many months ago when the AOL story broke out and I wondered if there is a solution for this. And then I realized that the solution is not stronger password or having to tell the computer to remember it for me or to use my mother's maiden name to recover it.
THE SOLUTION IS TO JUST DUMP THE PASSWORD?oeiT IS NO LONGER NEEDED.
Today?s USER AUTHENTICATION system is developed for DESKTOP COMPUTING not for CLOUD COMPUTING where people exchange information between each other more regularly.
Today, the computer is mobile be it the NetBook or your Smart Phone. You carry it where you go and with pervasive mobile internet connectivity, you can get connected from anywhere using Wi-Fi, or GPRS or EDGE.
SO PLEASE INTERNET SECURITY EXPERTS?..WAKE UP?WE ARE NO LONGER STUCK TO A DESKTOP. AND HENCE NOT NEED TO USE A USER ID/PASSWORD TO ACCESS OUR ACCOUNTS FROM A DIFFERENT COMPUTER. WE OWN A NETBOOK OR AN IPHONE FROM WHICH WE DO MOST OF OUR ONLINE ACCESS OR WORK EXCEPT FOR WHEN WE ARE WORKING IN OUR OFFICES WHERE THE COMPANY SPENDS ZILLIONS ON SECURITY ANYWAYS.
IBM had thought of a password free system many years back?.they also filed a prior art on this.
http://www.priorartdatabase.com/IPCOM/000039794/
Others have followed? http://www.kirit.com/A%20simpl.....eb%20sites
And I have filed my own patent for EasySecured which offers a unique, simpler and completely SECURED way to achieve the same concept.
ISNT THIS AMAZING??NO PASSWORD TO REMEMBER, NO PASSWORD STORED ANYWHERE AWAITING TO BE HACKED?
IF PASSWORDS ARE NOT STORED ON THE SERVER OR YOUR COMPUTER, THERE IS NO WAY HACKERS CAN HACK INTO ONLINE ACCOUNTS.
AM I CRAZY? HOW DOES ONE AUTHENTICATE AN ACCOUNT IF THERE ARE NO PASSWORDS?
The solution is downright SIMPLE, your computer is your password. By this I mean not just a desktop, your netbook, your laptop, your smartphone, IPHONE anything that is a computer. YOU ARE NOT STUCK TO A SINGLE COMPUTER.
Your online account will open only from the computers you have registered to access. You do not have to define a password or remember it. Only your User ID which is like the PIN number of your Credit Card and which will work only from your computer or the computers you allow it to work.
ONCE AGAIN ?..NO PASSWORD?. IS STORED IN YOUR COMPUTER?. OR THE HOST SERVER.
The password is a unique signature derived from the various parts of your computer mashed up using a patent pending technology that is generated real time every-time you try to login to you account from the registered computer.
The server authenticates by decrypting your user account details using this real-time generated password and granting you access to your account.
Hackers rely on stored user id and password on servers to hack accounts. In this case only your user id is stored on the server encrypted a real time generated password that is stored NOWHERE.
IF a hacker has to gain access to your online account, he or she has to also gain access to your computer or IPHONE or NetBook along with your original User ID.
As every User ID and critical user information such as credit card numbers etc are encrypted using a unique key generated by a physical device, there is NO WAY HACKERS CAN HACK INTO ONE ACCOUNT AND GET THE KEY TO HACK THE REST OF THE ACCOUNTS ON THE SERVER.
I have been working on this idea and concept for months and only need industry support to make this a reality and ONCE AND ON FOR ALL PUT AN END TO THE VULNERABILITY OF ONLINE ACCOUNTS.
You can twitter me @gurudatts to know more about this or email me.
Thanks for your rather long and heated contribution.
What you're describing just sounds like well established token systems such as RSA SecurID to me.
http://en.wikipedia.org/wiki/Securid
Still I enjoyed your comment!
Peter Judge
Editor
EasySecured is based on the philosophy that passwords are not stored on servers waiting to be hacked.
Token systems store information on servers and they are very costly. SecureID costs something like $60 per token. Competitors offer similar technology for $10 and which may not be secure enough.
Whereas EasySecured if adopted will be virtually free as no new hardware is needed as I have been able to uniquely identify a computer without referring to any network address.
I have closely worked with a Biometric firm which developed different variants of token based solutions. Believe me they are not for the masses.