Week 10

This weeks assignment of creating an action plan for the Harry & Mae's Case Study was a little challenging in that there are no specific guidelines for creating one.  With that said it was also hard trying to figure out what needed to be included in the action plan.  There are a lot of resources and references located on the Internet for action plans.  Many of them range from a few pages to several pages dependent upon their use.  My concept of an action plan was to simply just list the vulnerabilities and threats associated with the case study and provide a recommendation or fix action for fixing the vulnerability or threat.  Other than that I think the assignment was pretty easy assuming that I completed it correctly. 

Week 9- Passwords

When it comes to creating passwords for social networks, e-mail accounts, and other sites to include online banking we should be mindful of the passwords we choose.  Passwords are important in that they are the only thing that keep our accounts from unauthorized access.  Especially when most sites require the use of e-mail address for the username.  Our e-mail address can easy be obtained giving a hacker 50% of the puzzle.  Using passwords such as iloveyou, 123abc, 12345678, bigdaddy, peaches, princes,Eagles, or something similar are easy to guess and are amongst the most common used passwords list.  When creating passwords don't use dictionary words and try to use special characters, upper and lower case letters and numbers.  Doing so builds stong passwords.  Another pointer is to never use the same passwords for all your accounts.  For those who do you put yourself and others at risk of identity theft.  It is also a good practice to change your passwords at least every three months.  Changing them more often is even better. 

Week 8 Post

For this weeks posting I found an article that listed the top 10 security breaches of 2012.  While reading the article I began to realize that thieves are not just targeting banks but they seem to be targeting hospitals, hotels, insurance companies, department of revenue, transaction processors, yahoo, apple, shoe and clothing retailers, and the government.  Things lets us know that any business that deals with payments, social security numbers, passwords,and other personal identifiable information are targets.  Any website can be a potential target for thieves.  As users of these sites it's up to use to monitor our accounts and change our passwords often.  Hacker gaining access to our e-mail accounts can be dangerous in that most people receive e-statements for their bills.  Many websites also force customers to use their e-mail address as their username in which I think is a security risk in itself.  If a hacker knows the username he can easily guess or obtain the password especially since most people use easy guessable passwords.  The article can be found at:  http://www.crn.com/slide-shows/security/240144596/the-top-10-security-breaches-of-2012.htm?pgno=1