Page 36 - Cyber Warnings
● Should contain uppercase letters, lowercase letters, numbers, and special characters.
Tip: encourage employees to use phrases they can remember, like:
“I enjoy playing basketball”,
which can be written as:
“IEnjoiPlay!ngB@$k3tb@ll11”.
If you’re looking for advanced password security measures, then one-time passwords, client
certificates, smartcards, and biometrics can add layers to your corporate data security policy.
3. Cloud Storage Without Proper Security Measures
While cloud computing and storage solutions provide your company with the convenient and
powerful capability to store data in third-party data centers, you need to ask yourself:
“Is my data securely encrypted?”
While online data storage services claim your data is encrypted, there are no guarantees.
What you can do is ensure your cloud storage provider offers a leading encryption security
policy as part of their package. Look for advanced encryption algorithms such as ciphertext-policy
attribute-based encryption (CP-ABE) and key-policy attribute-based encryption (KP-ABE).
Then, choose a cloud storage service provider that is willing to push back against unreasonable
government requests for data.
You can use "Who Has Your Back", the website of the private advocacy group EFF (Electronic Frontier Foundation), for this.
4. Not Recognizing and Investigating Failed Access Attempts
Ignoring the warning sign of failed login attempts can be detrimental to your business…
...even for a retail giant.
Target’s point-of-sale (POS) system was hacked in 2014, a breach that began 6 months prior
with triggered login alarms that its information security team chose to ignore. The attackers
siphoned 40 million card numbers and the personal information of 70 million customers.
Even with their own billion-dollar security operations center, Target ignored the warning signals.
But will you?
Don’t ignore these common signs of brute-force data hacking that can violate your network
security:
● Many failed logins from the same IP address.
● Logins with multiple usernames from the same IP address.
● Logins for a single account coming from many different IP addresses.
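The three signs above can be checked mechanically over an authentication log. The following Python code is an added example, not part of the original article; the log line format, the sample events and the thresholds are constructed assumptions, and it counts failed logins over whatever batch of lines it is given (for example, one hour of logs).

```python
import re
from collections import defaultdict

# Constructed sample events (not real logs), one per line:
#   <timestamp> <FAIL|OK> user=<name> ip=<address>
SAMPLE_LOG = "\n".join(
    [f"2017-07-01T09:00:{i:02d} FAIL user=alice ip=203.0.113.7" for i in range(6)]
    + [f"2017-07-01T09:05:00 FAIL user={u} ip=198.51.100.9"
       for u in ("admin", "root", "test", "guest")]
    + [f"2017-07-01T09:10:00 FAIL user=bob ip=192.0.2.{n}" for n in range(1, 5)]
    + ["2017-07-01T09:15:00 OK user=carol ip=192.0.2.50", "not a log line"]
)

LINE_RE = re.compile(r"^(\S+) (FAIL|OK) user=(\S+) ip=(\S+)$")


def detect_brute_force(log_text, ip_fail_min=5, ip_user_min=3, user_ip_min=3):
    """Flag the three signs listed above among the failed logins in log_text.

    The thresholds are illustrative assumptions; tune them to your baseline.
    """
    fails_by_ip = defaultdict(int)   # sign 1: failures per source IP
    users_by_ip = defaultdict(set)   # sign 2: usernames tried per source IP
    ips_by_user = defaultdict(set)   # sign 3: source IPs per targeted account
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip blank or malformed lines instead of crashing
        _, result, user, ip = match.groups()
        if result != "FAIL":
            continue  # successful logins are not counted
        fails_by_ip[ip] += 1
        users_by_ip[ip].add(user)
        ips_by_user[user].add(ip)
    return {
        "many_failures_from_ip": sorted(
            ip for ip, n in fails_by_ip.items() if n >= ip_fail_min),
        "many_usernames_from_ip": sorted(
            ip for ip, users in users_by_ip.items() if len(users) >= ip_user_min),
        "many_ips_for_account": sorted(
            user for user, ips in ips_by_user.items() if len(ips) >= user_ip_min),
    }


if __name__ == "__main__":
    for sign, hits in detect_brute_force(SAMPLE_LOG).items():
        print(f"{sign}: {hits}")
```

Each flagged IP address or account is a lead to investigate, not a verdict: a shared office gateway or a user who forgot a password can trip the same counters.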
36 Cyber Warnings E-Magazine – July 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide