‘“The problem with making things foolproof is that we keep evolving a better class of fool”, as the old saying goes. And nowhere is this more true than in security where breaches remain regular and commonplace despite all the investment that has gone into it. Getting to grips with the security challenge is vital, because the …
Why security is not working - and the rest
Incompatible security standards - A former employer insisted that Single Sign On passwords were exactly 8 characters in length because that was the maximum one system could cope with and the minimum for another.
Username/Password proliferation - Every organisation with a web presence feels the need to do its own user authentication, with no standardisation. Some use your email address as a username, some let you pick your own, some assign one to you, tough luck johnsmith6355478! I know there are password vaults available but that's putting all your eggs in one basket and addressing a symptom, not the disease. Most online retailers accept Visa/Mastercard/Amex, could these organisations or others provide an identity authentication service using a single username, secret pin and keyfob passkey generator like the one I use for my work VPN?
Security not in education
Students leave education with no training in security. In fact, exactly the opposite. In order to ensure the student's primary focus is targeted on learning the material [for which the student has paid], secondary detractors -- eg security--- are routinely and aggressively removed from educational systems. Since education cannot possibly provide training in the security required for each and every type of business type, security training must be provided by the employer. For smaller businesses, this is a financial burden which is usually avoided.
Basic security needs to be addressed in education and training.
- Updated Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
- Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
- Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
- Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
- Android engineer: We DIDN'T copy Apple OR follow Samsung's orders