HSBC

Thoughts on HSBC voice recognition…

Jun 1st, 2017 Confidentiality, Data Breach James Gillies

Because they cannot be 100% accurate the real issue here with biometric systems is something called Type 1 and Type 2 Errors and the so-called Crossover Error Rate. Voice recognition systems themselves are not necessarily “weak” – so the distinction must be made as to how the particular system that HSBC went live with was compromised. Biometrics systems will ultimately fall foul of either not…

Password Management

Is Password Management software secure?

May 25th, 2017 Confidentiality, Secure Configuration James Gillies

As we move forward with our digital lives, complying with the need to “log into” just about anything we touch these days it becomes increasingly difficult to maintain a high degree of password hygiene. There are those incredibly disciplined people amongst us that can perform effective Password Management in their head, and then there are the rest of us that well, can’t. I have previously recommended…

Should I consider using a Password Manager?

May 11th, 2017 Confidentiality, Privacy, Secure Configuration James Gillies

Last week I gave some tips on methods to create a strong password, however these may not be suitable if you have a large number of passwords to manage. In this scenario making use of a Password Manager may be appropriate. Best practice would be to have a different and complex password for everything (such as a website) that you would log into. However, very…

How do I create a strong password?

May 4th, 2017 Confidentiality, Secure Configuration James Gillies

Follows are some tips on how you can create a a strong password. Some might be obvious, other not so… Your passwords belong to you, no-one else – don’t share your passwords! Regardless of complexity, don’t write your passwords down. (To this day I still see passwords on Post-IT notes and whiteboards!) The longer the password, the harder it is to crack, 8 characters should…

Are we exposed with unlocked USB ports?

Mar 30th, 2017 Confidentiality, Data Breach, Secure Configuration James Gillies

In my experience this is an area around which the Channel Islands have been generally slow to adopt a stronger security posture, and whilst the threats surrounding Data Leakage were as valid then as they are today, it is surprising that only 21% of UK businesses have a formal policy around what can be stored on removable/USB devices, a figure published in the Cyber Security…

encryption

Should we be re-considering implementing encryption in our organisation?

Feb 23rd, 2017 Compliance, Confidentiality, GDPR, Secure Configuration James Gillies

In today’s digital world data is considered to be the crown jewels and should be protected from those that might abuse it. The value to the business that data represents should be balanced against the risk of it being exposed. Traditionally viewed as a pure security issue, as data protection laws start to change this will become much more of a compliance issue. In simple…

Gravityscan Badge