Protecting users from themselves
Because yesterday's security doesn’t work
Webcast ‘“The problem with making things foolproof is that we keep evolving a better class of fool”, as the old saying goes. And nowhere is this more true than in security where breaches remain regular and commonplace despite all the investment that has gone into it.
Getting to grips with the security challenge is vital, because the increased risks are holding many businesses back from working more flexibly, getting closer to customers and having more integration with their partners and supply chain.
But it’s clear; we need to be thinking of the bigger picture when it comes to protecting users from themselves.
On the 23rd of February we have a studio full of experts ready to talk about just these issues in the hope of getting to the heart of the problem of securing end users and protecting them from their own actions. Tim Phillips from The Register will be your host and he's joined by Andrew Buss from analysts Freeform Dynamics and Chris Boyd from GFI.
The program will take a run through the following topics, each of which will be considered in turn, always whenever possible illustrating points by giving examples of best practice where possible:
Why security is not working
- Rising costs and continuing breaches
- Sensitive information contained on many devices
- User behaviour
- What can we realistically to expect
- Can training help?
- Monitoring and enforcing policy
We’re aiming to provide lots of real world context using examples of how customers in the real world are addressing these matters. If you join us, you can share your experiences too, through a live Q&A, and get answers to any questions you may have.
If you can’t make it on the day, register now and we’ll email you when the recorded version of the event is available for viewing at your leisure. ®
Security not in education
Students leave education with no training in security. In fact, exactly the opposite. In order to ensure the student's primary focus is targeted on learning the material [for which the student has paid], secondary detractors -- eg security--- are routinely and aggressively removed from educational systems. Since education cannot possibly provide training in the security required for each and every type of business type, security training must be provided by the employer. For smaller businesses, this is a financial burden which is usually avoided.
Basic security needs to be addressed in education and training.
Why security is not working - and the rest
Incompatible security standards - A former employer insisted that Single Sign On passwords were exactly 8 characters in length because that was the maximum one system could cope with and the minimum for another.
Username/Password proliferation - Every organisation with a web presence feels the need to do its own user authentication, with no standardisation. Some use your email address as a username, some let you pick your own, some assign one to you, tough luck johnsmith6355478! I know there are password vaults available but that's putting all your eggs in one basket and addressing a symptom, not the disease. Most online retailers accept Visa/Mastercard/Amex, could these organisations or others provide an identity authentication service using a single username, secret pin and keyfob passkey generator like the one I use for my work VPN?