Week 12- Blog Summary

First I would like to say that I had fun learning how to create a blog and add entries to it weekly.  The whole idea of having to find articles and create summary of them helped me become more aware of the different threats we face while utilizing the Internet.  We use the Internet for business and pleasure not realizing the potential threats that come along with using the internet.  Most of my blog topics consisted of a variety of topics such as system/software issues, user errors, security awareness, and threats.  When it came to deciding on what to blog about I just did a Google search on the latest security breaches.  I would also sometimes come up with a subject and then use Google to find articles that supported my subject.  I think security blogging is a great awareness tool that gives others the chance to read and apply their thoughts and comments to the subject matter.  It’s a great way to learn more about security.  

Week 11 Security Entry

In this week’s security blog I’m going to talk about an article that was written by Chris Poulin called “BTOD: Once Size Risks All”.  In this article Chris talks about how we as a people have become very reliant upon the Internet.  We as a people can access the Internet from just about anywhere we go.  Just to get our brain juices flowing think about all the places that offer Wi-Fi.  Just to name a few we have McDonalds, Wendy’s, Coffee shops, hotels, etc.  For those of us who have cell phones Internet access is located in our pockets.  With that said we can surf, shop, and conduct business and bank from anywhere.  This article focuses on the fact that work and personal devices should be separated.  In other words you should not use your business devices to surf the web, shop, bank, etc.  Personal devices should only be used to conduct personal business only.  Some companies allow their employees to use their own devices instead of company issued devices.  I must say that I agree with the author I think business and work should be separated as well.  If companies separate the two I think that it would limit the amount of threats they face daily.  If companies allow employees to use their own personal computers they compromise the security of the network.  Companies will have no way of determining what programs, software and data users may have stored on their computers. Are users required to have anti-virus software?  Are there any policies in place to dictate acceptable use?

Week 10- Automatic User Logins

According to Zack Whittaker a writer from ZDNet and CNET Facebook had a flaw that could have put over 1 million Facebook accounts at risk of unauthorized access.  This flaw would have allowed unauthorized users to login to others Facebook account without the use of a password.  The flaw was centered around a user’s e-mail address.  Facebook would e-mail links to users that when clicked would automatically give them access to that Facebook account without the need for a password.  There was also a flaw that allowed you to automatically access your Facebook account without a password if you were logged in to g-mail.  This can be a big issue and lead to many problems if your e-mail account was compromised in anyway.  If your e-mail account was compromised someone would automatically be able to access your Facebook account and any other accounts that are linked with goggle via your g-mail.  Many of my android apps are also automatically connected and liked with my g-mail as well.  I think this is a big issue because there are a lot of applications that are linked with Google that can be assessed with a single login.  Here are a few steps that should be taken each time you access a site or application that requires a login:

1.        Always log out of a system or website when you are done.

2.       If you are accessing a site from a public computer make sure you delete all cookies and browsing history. 

3.       Never click no or never when asked if you want the browser to save or store your login information. 

4.       Change all your passwords to social media, e-mail, banks, and e-commerce websites often.

5.       Use different hard to guess passwords for each account.

6.       Always make sure the “remember me” checkbox is unchecked.

Article can be found at:  http://news.cnet.com/8301-1009_3-57544933-83/facebook-password-bypass-flaw-fixed/