Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Celebrity photo data hack: Lessons for businesses and consumers

Charisse Castagnoli | Sept. 10, 2014
What practical takeaways does this incident provide and how can we safely use convenient cloud and mobile services for work and play?

2. Identify and take steps to shore up the weakest links in your data-exchange chain.

Weak passwords remain a consistent and ongoing problem. Whereever possible use strong 2 factor authentication for highly sensitive data. Challenge questions and images are not recommended as those can be compromised relatively easily. Instead, consider out of band authentication such as mobile device proximity, tokens, call backs to a secondary phone number, biometrics and one time passwords - all of which can reduce the risk of accidental or intentional disclosures.

Other weak links to consider include business cloud apps on mobile devices without appropriate monitoring or limits and improperly secured mobile devices (PIN, automatic recovery or wipe capabilities).

3. Know what to do if there is a breach

As an organization you also must be prepared with a good reporting process for accidental loss. If you are going to take the risk that data may be lost or leaked at some point, you must prepare for that as a possible eventuality. You should be prepared to rapidly identify how important the disclosed data is and any potential ramifications. Be ready with a a plan to identify who you contact and in what order to contact them. This includes law enforcement (usually your first contact), others with whom you share the data and the originators (or owners) of the data that was breached.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.