Hopefully you really have a good answer for this. Getting hacked is no longer a distant probability; it's a harsh reality. The most recent incident was Evernote losing customer information including email addresses and passwords to a hacker. I'm an Evernote customer and I watched the drama unfold from the perspective of an end user. I have no visibility into what level of security response planning Evernote had in place but this is what I would encourage all the critical services to have:
Prevent
You are as secured as your weakest link; do anything and everything that you can to prevent such incidents. This includes hardening your systems, educating employees on social engineering, and enforce security policies. Broadly speaking there are two kinds of incidents - hijacking of a specific account(s) and getting unauthorizd access to a large set of data. Both of these could be devastating and they both need to prevented differently. In the case of Evernote they did turn on two-factor authentication but it doesn't solve the problem of data being stolen from their systems. Google has done an outstanding job hardening their security to prevent account hijacking. Explore shared-secret options where partial data loss doesn't lead to compromised accounts.
Mitigate
If you do get hacked, is your system instrumented to respond to such an incident? It includes locking acconts down, taking critical systems offline, assess the extent of damage etc. In the case of Evernote I found out about the breach from Twitter long before Evernote sent me an email asking to change the password. This approach has a major flaw: if someone already had my password (hard to decrypt a salted and hashed value but still) they could have logged in and changed the password and would have had full access to my account. And, this move—logging in and changing the password—wouldn't have raised any alarms on the Evernote side since that's exactly what they would expect users to do. A pretty weak approach. A slightly better way would have been to ask users to reset the password and then follow up with an email verification process before users could access the account.
Manage
If the accounts did get hacked and the hackers did get control over certain accounts and got access to certain sensitive information what would you do? Turns out the companies don't have a good answer or any answer for this. They just wish such things won't happen to them. But, that's no longer true. There have been horror stories on people losing access to their Google accounts. Such accounts are further used for malicious activities such as sending out emails to all contacts asking to wire you money due to you being robbed in
Photo courtesy: Daniele Margaroli
5 comments:
Great post! Often times these catastrophes are past the point of prevention. Companies need to start acting and working out plans as you have stated.
Cloud based systems data center solutions are the next step in business technology, although can still be a bit of a security issue. The accessibility of information from any location can greatly aid in the mobility of business operations and acts as a back up if a disaster happens that does not allow traditional business operations.
This is really great advantage of cloud computing. We have not to worry about hacking and loss data. Lot of problem like hijacking of account is also reducing.
Online Business Software
It's important to do everything that you can to avoid this disaster. Having a monitoring solution in place is critical. It will alert you if anything isn't working properly, including your defense capabilities.
Prevention is always better, to prevent us from being hacked we should make sure our passwords are secured, our network is working properly and we do consistent monitoring all the time.
Post a Comment