Simple Web Security

It happened to Jeff Atwood’s Stack Overflow account: Someone broke into his account and logged in as him.  Fortunately, the hacker reported the problem to Jeff and did no malicous actions.  Very few “hackers” are this ethical.

Read the original post here, I Just Logged In As You: How It Happened.  It shows just how easy it can be to crack a password.

Simple Security Tip #1: Use strong passwords with lots of characters, numbers, and symbols.

Simple Security Tip #2: Don’t use the same password for every account you have.

Simple Security Tip #3: Use two-factor authentication whenever possible. This makes it exetremely difficult for someone to break into your account.

Because it’s too hard.

Most of the time, anyway.  And for good reason – there’s a LOT of things to think about.  In fact, there are probably lots of things you’re doing wrong right now when it comes to securing your computer, e-mail, data, mobile phone, bank account, credit card info…the list goes on.

So how do we bring sense and simplicity to an online world filled with so much complexity?  Start with the simple things:

• Don’t share your passwords
• Don’t believe e-mails that ask for personal information (these phishing attempts)
• Don’t install apps you don’t need, or from sites you don’t trust
• Install good anti-virus software

If we protect ourselves from just the simple things, then we have a much smaller chance of being the next victim of opportunity of a casual hacker.  And, if everyone would better educate themselves, then malware and other online security problems would be a lot less prevalent.

Do you agree?  What do you do to stay safe online?  Let me know in the comments.

You’re a responsible person and you work for a responsible company. You’ve taken steps to make sure that your email system is secure so you use an email encryption system that ensures that all the confidential email that leaves your network is encrypted. That’s laudable and you at least recognize the problem but you’ve left a huge hole in your security. If your system encrypts only email that leaves your network you are still vulnerable because most experts agree that the bulk of email theft happens INSIDE your firewall.

Consider for a moment the number of emails that are sent within your enterprise that have confidential content.Business plans, executive compensation, staff reductions, new policies under discussion, all of these are critical to your business but if your company secrets become company gossip it could go straight to your bottom line, and not in a “good way”.

So what’s the answer? The best place for your email security to start is right on your desktop. The logical time to encrypt your email is immediately after it’s written and before it is put in flight on your network.

SendItSecure provides email encryption and authentication that starts on your desktop. SendItSecure applies not only to enrolled users within your enterprise but extends to your clients and partners. For more information about email security that works inside your firewall as well as outside, check out our simple secure e-mail service.

Fingerprints have been recognized as a unique means of identification since ancient times. The ancient Chinese used fingerprints to sign legal documents¹. In the 1850s Sir William James Herschel was probably the first European who understood the value of fingerprints for identification. It obviously wasn’t an original idea but Herschel started using fingerprints while he was an officer in the British Army stationed in India². Herschel used fingerprints and whole hand prints on contracts during the time of the British Raj. Sir William’s biggest contribution was probably the fact that he realized that everyone has a unique fingerprint that never changes. He documented his own fingerprints over his lifetime to prove this.

About 50 years later Sir Francis Galton³, who we usually credit as being responsible for the modern study of fingerprints and fingerprint identification, developed a way to classify fingerprints so that it became practical for a person’s identity to the found in a directory of fingerprints. Galton’s system is basically the one we use today. The idea is that we first identify one or more large features in a fingerprint and then go on to compare the minutia that makes one fingerprint different from all others.

If you stop for a moment to consider, Galton’s classification system is what we would call a “sort” in computer terms. First we look at the larger classes, upon which we may have indexes, and then we look at the details to find a result. Fingerprints lend themselves to computer classification, digitization and abstraction. Since there is a lot of data in a fingerprint modern digital fingerprint recognition systems use “feature extraction”. Feature extraction simplifies the description of the data by creating combinations of variables that will accurately describe the fingerprint as data.

In practice we don’t record or save the actual fingerprint image. An abstraction of the image is reduced to a number of discrete data points that describe the fingerprint in a statistical, rather than a physical, form. This abstraction makes it almost impossible for the fingerprint to be reverse engineered and used fraudulently.

Because of all these factors fingerprints make an ideal basis for positive identification that allows us to authenticate the sender of an email and also the recipient. SendItSecure uses a combination of biometric authentication and state of the art encryption to deliver a secure email system that is easy to use and can be deployed in a medium sized company in a single day. For more information go to… www.SendItSecure.com .

1 – http://encarta.msn.com/encyclopedia_761573439/Fingerprinting.html

2 – http://en.wikipedia.org/wiki/William_James_Herschel#cite_ref-HersFD_0-3

3 – http://en.wikipedia.org/wiki/Francis_Galton