Tag Archive for Data

| February 21, 2013
Comments Off on Dropbox Warms Up to Corp IT for IPO

Dropbox Warms Up to Corp IT for IPO

Dropbox Warms Up to Corp IT for IPOIn preparation for its IPO, Dropbox is warming up to corporate customers reports InfoSecurity. the general consensus about Dropbox within the business community is that it is an excellent service, but lacks security. Data breaches, a lack of visibility into and control over how stored and shared files are used make the app seem insecure to many corporate users. GigaOM points out that large companies, including IBM (IBM), forbid its use. One of the criticisms, InfoSecurity cites is that employees leaving the company (either through termination or leaving to join a competitor) will automatically take any potentially sensitive files stored in their Dropbox accounts when they leave the company.

Dropbox logoThe new Dropbox Team (the corporate multi-user offering) dashboard seeks to make that more attractive. This paid-for service costs $795 per year for 5 users plus $125 for each additional user. The new dashboard provides the team leader with greater visibility and control over which members can access individual files, and what they can do with those files. In particular, if a team member leaves the company or just the team, access to the stored files can be immediately blocked.

These new features do not prevent an employee from opening a separate personal account and using that to exfiltrate sensitive files. However, InfoSecurity claims they make it more likely that it would be a planned (and probably illegal) act. Unfortunately, the greater part of the shadow IT use of Dropbox is likely to occur simply because the staff is seeking to make their jobs easier and more efficient. By providing an official Dropbox Team account, the need to bypass security becomes less pressing. Dropbox will benefit from increased income while business benefits from increased control.

two-factor authenticationA second new security feature within the new dashboard is the ability for the team leader to insist on and ensure the use of two-factor authentication by the team members. Optional two-factor authentication was announced by Dropbox last July. It followed the breach involving users’ re-used passwords. “Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts,” announced the company at the time. Two-factor authentication can solve this issue, and the team leader can now insist upon it and ensure that individual team members do not subsequently turn it off.

It is possible that this improvement to the corporate Dropbox may be the start of preparation for a Dropbox IPO. IDC estimates that the enterprise file-sharing market will be worth $20 billion by 2015, and Dropbox is currently valued at around $4 billion.

we just want to make it easier for IT to say yesOver 2 million businesses have people inside them using Dropbox. It’s already pervasive, we just want to make it easier for IT to say yes to those people asking for Dropbox,” Sujay Jaswa, VP of business development for Dropbox said in an interview with GigaOM.

Among business accounts, GigaOM says Google (GOOG) is getting traction with the Google AppsGoogle Drive combo and Microsoft (MSFT) integrates SkyDrive storage with Office and Windows 8. Box, the company most associated with Dropbox-of-the-Enterprise, touts its support of all client devices but targets larger companies including Netflix, Dow Chemical, and Procter & Gamble.

rb-

Other competitors in the Dropbox-of-the-Enterprise niche are Accellion’s kitedrive, Egnyte, GroupLogic’s activEcho, SurDoc, and ownCloud. Still, it’s hard not to see all these rivals battling it out for the same paying business customers down the road.

At $125 per seat it seems awfully expensive, is it good enough for corporate IT to warm up to Dropbox in time to save its IPO?

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
| February 19, 2013
Comments Off on School Kids’ Data at Risk – Part 2

School Kids’ Data at Risk – Part 2

School Kids' Data at RiskIn the Huffington Post article, “In Push For Data, Schools Expose Students To Identity Theft” author Gerry Smith writes about the growing risk of school kids data being stolen across the country.

Read Part One here:

Data Quality Campaign, an organization that encourages states to build student databases argues that students’ Social Security numbers are useful for education policy by creating “enhanced analytical opportunities” for evaluating school curriculum. “The more important conversation is not whether states are collecting Social Security numbers, but how they are ensuring the privacy, security, and confidentiality of all personally identifiable information,” Laird said in a statement to the Huff Post. “We can’t speak to how Social Security numbers are collected and stored at the local level,” she added.

The article cites one survey that concludes student PII is not stored very securely. Only half of K-12 schools use data encryption, according to a survey of IT employees at K-12 schools nationwide. 72% cited budget constraints as the primary barrier to improving their IT security, according to the survey by Panda Security (PDF). Collecting PII in central databases with lackluster security is asking or trouble, “This is making a much bigger honey pot for people with malevolent purposes to gain access to children’s information,” Joel Reidenberg, a professor at Fordham University School of Law. He told The ID Channel, “It’s a meltdown waiting to happen.”

School districts in 26 states now ask for students’ Social Security numbers. The Michigan Department of Education states (PDF), “A school district cannot mandate that parents disclose the social security number of their children.” Huff Post states that Texas is one of those states where education officials use PII to connect K-12 records to higher education and workforce data, according to Debbie Ratcliffe, a spokeswoman for the Texas Education Agency.

Last year, the Texas agency asked eight school districts to send PII, including Social Security numbers, through the mail on unencrypted CDs for research purposes. The article reports that Laredo Independent School District learned the CD it sent got lost in the mail, exposing nearly 25,000 current and former high school students to identity theft, according to the Texas Tribune. Ratcliffe told The Huffington Post that the request came from an agency employee who operated “way outside” normal protocol.

Social Security numbers are useful enhanced analytical opportunitiesIt was not the only school data breach in Texas.

  • Beaumont school officials told parents that Social Security numbers belonging to an estimated 15,000 students were accidentally exposed online for nearly a year.
  • The San Antonio Independent School District told parents that names and Social Security numbers of up to 360 students were mistakenly made visible through a Google search.

Still, the Texas Education Agency has no plans to stop asking school districts for students’ Social Security numbers, Ratcliffe told the author. “We have so many databases that use them that it would require quite a bit of change to make that happen,” she said.

Texas has no plans to stop asking for students' Social Security numbersYet concerns over child identity theft have prompted at least five states — Nebraska, North Dakota, Washington, Maine and Wyoming. to create policies that restrict the collection and use of Social Security numbers in K-12 schools.

Jerry Coleman, director of school finance at the North Dakota Department of Public Instruction Coleman said in an interview, “To protect those Social Security numbers would be a hassle we don’t need,”

Parents can refuse to disclose their child’s Social Security number, and the student would be assigned a different identifying number. Ratcliffe, of the Texas Education Agency, said most parents disclose their child’s number anyway.

Parents can refuse to disclose their child's Social Security numberBut privacy experts say, in most cases, parents should keep that information to themselves. “When someone asks for your child’s Social Security number, say no,” said Aaron Titus, chief privacy officer for Identity Finder, which helps organizations protect sensitive data. “I have found about 90 percent of the time when I push back a little bit, I get my way.”

Data breaches leave people six times more likely to become victims of identity theft, according to a survey by Javelin Research. Schools warn parents to monitor their children’s credit after a data breach. The Huff Post says credit reports only turn up 1 percent of fraud on children’s credit histories because thieves pair children’s Social Security numbers with new names and birth dates, a study by Debix found.

More than 18,000 child identity theft complaints were reported to the Federal Trade Commission. But experts tell Huff Post that figures on child identity theft are likely much higher because the crime often goes undetected for years. ID Analytics estimates more than 140,000 children are victims of identity theft each year, based on a one-year study of those enrolled in the firm’s identity protection service. When child identity theft victims turn 18, they find their credit has been destroyed, preventing them from taking out loans or renting apartments.

rb-

Consumers Unions points out that Michigan law restricts how Social Security numbers can be used. In Michigan, SSNs cannot be printed on ID cards, intentionally communicated to the public, and/or publicly displayed or mailed within an envelope.

Related articles
    • Child Identity Theft: Warning Signs and Action (lexingtonlaw.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , ,
| February 14, 2013
Comments Off on School Kids’ Data at Risk

School Kids’ Data at Risk

School Kids' Data at RiskGerry Smith writes about the growing amount of school kids’ data being stolen across the country. In the Huffington Post article, “In Push For Data, Schools Expose Students To Identity Theft” the author explains why.  Data thieves want this information to commit identity theft. The author cites several recent cases:

Child identity theftThe article says these incidents highlight the growing risk of school kids’ vulnerability to identity theft. Across the country, schools have become conduits for children’s pristine Social Security numbers. The students’ numbers are increasingly falling into the hands of credit-hungry identity thieves. The frequent data breaches have prompted calls for schools to stop collecting sensitive student data. The breaches have angered parents like Art Staehling, whose 14-year-old daughter was among 18,000 Nashville students who had their Social Security numbers accidentally exposed online for three months in 2009.

They left the gate wide open for data theft

“They left the gate wide open,” Mr. Staehling told The Huffington Post. “It’s clumsiness. There’s no excuse for it. If schools want that information, there should be some sort of penalty paid if they don’t guard it with their lives. I haven’t found a reason why they honestly need it.

Schools collect students' Social Security numbersSchools collect students’ Social Security numbers as part of a campaign to more precisely track their progress. But privacy experts told Huff Post there are less risky ways to identify students. The privacy experts accuse schools of needlessly exposing children to identity theft by gathering their Social Security numbers. Mn then not securing them.

The push for collecting student data began under the federal No Child Left Behind Act. Financial incentives in the 2009 stimulus package, including Race to the Top‘s $250 million in competitive grants drove schools to collect student social security numbers, according to Reidenberg.

No Child Left Behind Act drove schools to collect student social security numbersThe U.S. Department of Education has warned schools not to use students’ Social Security numbers in their databases. The Huff Post says the Feds urge schools to create other unique identifiers. The National Center for Education Statistics warned schools last fall that. They told educators that Social Security numbers are “the single most misused piece of information by criminals perpetrating identity thefts.”

School abuses student’s Social Security numbers

Despite the warnings, the collection and use of student’s Social Security numbers in K-12 schools remain “widespread.” An audit last year by Patrick O’Carroll, the Social Security Administration‘s inspector general. The IG found students’ Social Security numbers printed on transcripts, tests, and athletic education forms. According to the article, the audit concluded that schools were using the numbers “as a matter of convenience.” Mr. O’Carroll found there have been at least 40 data breaches of confidential student information at K-12 schools since 2005.

In his report, O’Carroll wrote.”We believe the unnecessary collection and use of Social Security numbers is a significant vulnerability for this young population. Each time a student provides his or her Social Security number, the potential for a dishonest individual to unlawfully gain access to, and misuse, the number increases.

Read Part 2 here.

rb-

Consumers Unions points out that Michigan law restricts how Social Security numbers can be used. In Michigan, SSNs cannot be printed on ID cards, intentionally communicated to the public, and/or publicly displayed or mailed within an envelope.

Related articles
  • Young children can be identity-theft targets (goerie.com)

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
| February 7, 2013
Comments Off on Internet of Things Infographic

Internet of Things Infographic

Internet of Things InfographicBosch Software Innovations released some new data on the Internet of Things (IoT)  In the near future, more and more devices and systems will be capable of sending and receiving data automatically via the internet. We’re already poised on the verge of new developments that offer enormous market potential. Bosch believes the Internet of Things isn’t just a distant vision of the future, it’s already very real and is having an impact on more than just technological developments.

The blog claims that in the next few years, increasing numbers of devices and systems will automatically send and receive data over the Internet. The author claims that we are about to see a huge new market develop.

By 2015, Bosch predicts that the number of IP-ready devices connected to the Internet will grow to a total of 6,593 billion. Even more impressive according to the author, is the growth in Internet access. The blog reports that in 1995, less than 1% of the world’s population was online, in 2011 this number exploded to 2.3 billion people online, Bosch expects that in 2015, 5.5 billion people will have internet access (source: ITU). This equates to around 75% of the world’s population.

The German firm estimates the number of devices configured to send and receive data over the Internet will reach 50 billion devices in 2020. Just recently, Vint Cerf, who is better known as the father of the internet, also spoke in an interview about the number of devices and confirms this assumption.

Bosch Internet of Things markets

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| December 13, 2012
Comments Off on Top Five IT Trends for 2013

Top Five IT Trends for 2013

Top five IT trends for 2013Ian Kilpatrick, who has the longest job title I have ever seen, chairman of international value added distributor, specialists in market development for secure IP infrastructure solutions and convergence at Wick Hill Group shares his vision of the top five IT trends for 2013. In the article, Top five IT trends for 2013 at ITnewslink he shares his predictions.

BYOD Man1. BYOD – He says the first IT Trend for 2013 is BYOD. BYOD is now an unstoppable, user-driven wave that will continue to make a major impact on the IT world in 2013 and beyond.  2013 will see companies trying to integrate BYOD into their networks.

He also speculates that we can expect to see the growth of Microsoft (MSFT) Windows to Go secure USB sticks based on Windows 8, which provide remote users with the supported version of the corporate desktop. These are available from a limited number of suppliers authorized by Microsoft and include Imation’s IronKey Workspace for Windows to Go.

Mobile Device Management2. Mobile Device Management – The next IT trend for 2013 is that Mobile Device Management solutions growth will accelerate in 2013. The growth is due to the rapid growth of mobile devices such as smartphones, tablets, and laptops, but particularly smartphones.

Growth will be strongest for MDM solutions that offer features such as ensuring mobile device usage complies with company security policies, allocating access rights, managing configuration, updating policies, dealing with data leakage issues, and dealing with lost or stolen devices.

A crucial component for the continued growth of MDM solutions will be the clear separation between the management of business and personal data on devices. There are over 100 suppliers in mobile device management many of them are good but niche solutions. The Gartner (IT) Magic Quadrant identifies the strategic leaders, which includes Zenprise.

High density wireless3. High density wireless – Wireless requirements have been significantly incrementing over the last year making it the third IT trend for 2013. The firm says BYOD has changed both the data transfer and performance expectations of users. However, these expectations have not been met, with many networks still inadequate in their coverage and performance.

The new 802.11ac standard, with 1 gigabit per second throughput rates, will be a key driver in organizations moving to high-density wireless in 2013. High density wireless will provide companies with high coverage and high performance, supporting business-critical applications and delivering complete site coverage There will continue to be a shift from niche solutions towards more strategic solutions. The Gartner Magic Quadrant identifies Xirrus, which will continue to experience stratospheric growth.

Data back-up and recovery4. Data back-up and recovery – 2013’s fourth IT trend for 2013 deals with data back-up and recovery. Organizations have been under immense pressure from ever-increasing data volumes, archiving, and compliance requirements.

At the top end, new data replication technologies will have a major impact on data centers in 2013. For smaller organizations, the shift from tape will continue apace. For conservative organizations, the move to disc (and, in particular, RDX technologies that combine the best of tape and disk) will accelerate. Hybrid back-up to RDX and then the cloud will increase. In volume terms, the lowest move (but in market-hype the biggest) will be significant growth in direct back-up to the cloud. RDX, hybrid, and cloud data backup solutions are available from vendors such as Imation and Barracuda Networks.

Data leakage protection5. Data leakage protection – The last Wick Hill Group IT trend for 2013 says that with the growing volumes of data and regulatory bodies’ willingness to levy fines for non-compliance, data leakage protection will continue to be a major cause for concern during 2013. Companies will be looking closely at how to secure and manage their data as their network boundaries spread even wider, with increased use of social networking and BYOD, increased remote access, the rapid growth of wireless, increased virtualization, and the move towards convergence.

Increasingly, organizations will couple DLP products with SIEM (Security Information and Event Management) solutions. DLP concerns will also continue the growth curve for authentication (much of it hosted in the cloud) and encryption, to protect data, both in motion and at rest. Some companies will look to hosted security services and the cloud to cope with an increasingly complex security situation. SIEM and authentication solutions are available from companies such as LogLogic, Check Point VASCO, and SafeNet.

rb-

So these are not really earth-shattering predictions for 2013, BYOD, MDM, and Wi-Fi are already part of my world. We are doubling our backup capabilities and will be updating from our current McAfee to some sort of DLP

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
« Older Entries   Recent Entries »