I keep running across companies that still, in 2018, are using the last four digits of SSN or mother’s maiden name as an authenticator. We have 170+ million reasons why that’s a bad idea, and yet it persists. That’s beyond inertia, past laziness, and nearly into negligence territory. It’s time to end the practice of […]
There’s been a lot of commentary about Facebook selling data to third party companies over the past week or so. The distaste is understandable, but no one should be surprised. Just who do folks think Facebooks customers are?
Fear, Uncertainty and Doubt. I still see security professionals – especially vendors – trying to use that tired old technique. Even with lay audiences it’s lost effectiveness, and it has absolutely no place in the CISO’s office, inbox, or voice mail. Fear based selling is a cop-out, and a sure way to not get a […]
There are a number of media reports out that Israeli firm Cellebrite is now able to unlock iPhones even running the latest version of iOS, including the iPhone X. Should you be worried? Let’s look at some potential threats.
I was recently asked how to dispose of an old hard drive in a secure manner. This comes up all the time, and unfortunately most folks just toss them in the trash or electronics recycle bin without thinking, or worse, sell it on eBay. The best option is an industrial hard drive shredder, but they’re […]