It’s easy to talk about the benefits of using a cloud platform rather than in-house or colocated hardware. In 2017, few would question those benefits. But it can be challenging to see a path from a company’s current infrastructure to the cloud. Moving complex and critical legacy applications is a big step, and without executive buy-in, it’s difficult to get the ball rolling. (more…)
MongoDB is a popular NoSQL database with a serious problem. Tens of thousands of MongoDB databases have been hacked by criminals, who replace the data with a simple message: “Send us money or your data is gone forever”. In fact, calling it a hack is overly generous, since there’s very little hacking involved: the databases have no protection and are exposed to the internet. (more…)
When first venturing on a new startup, it’s natural to divide responsibilities between founders and early employees. There is so much to be done that there is no time to stop and think about redundancy and replication.
Choosing a strong password is critical to securing your account. Strong and secure passwords can also be a pain, which is why many of us can fall into the bad habit of sharing a password or two across many different accounts. This practice, while helpful in remembering our passwords, makes us more susceptible to attacks on our accounts. (more…)
Traditionally, phishing attacks have targeted consumers with random spam in the hope that that some small proportion of the targets are naive enough to install malicious software or hand over login details. (more…)
Most cloud platforms are as resilient as an old bridge! On December 15, 1967, the Silver Bridge connecting West Virginia to Ohio collapsed during rush hour with horrific results. In the ensuing investigation, the cause was discovered to be the failure of a single supporting member. When the bar failed, the bridge collapsed. In the terminology of bridge engineering, Silver Bridge was “fracture critical”. The failure of a single component caused the failure of the entire system. (more…)
According to a recent report from SIM IT Trends, many enterprise organizations are not doing all they can to protect themselves from online criminals and hackers. Forty-six percent of organizations don’t have a Chief Information Security Officer and only sixty percent of organizations require security training of all staff. (more…)
If I offered you $10 now and $15 next week, which would you choose? Depending on your personality, you might think the obvious choice is to wait until next week and get 50% more money, but studies in psychology have shown that the majority of people take the money and run.
Passwords have proven themselves an inadequate method of authentication many times. It’s not necessarily that the concept is flawed: passwords can be secure if the system around them is implemented properly. But a combination of users’ inability to properly choose and manage passwords and developers’ failure to implement secure systems often leads to security breaches. (more…)
There are three main planks to any secure system: technology, policy, and education. If any one of these is lacking, maintaining data security over the long term is next to impossible. A technological solution is worthless if no one knows how to use it and why it should be used. Even if they do know how to use it, without an enforced policy, it’s entirely likely that employees will take the path of least resistance and greatest convenience. (more…)