Security Management Strategies for the CIOAccess "Address Authentication and Transaction Validation Protocols to Stem Identity Theft"
This article is part of the June 2008 issue of Five crucial virtualization do's and don'ts
Today's financial system makes identity theft inevitable by relying on none-too-secret identifiers. Preliterate societies often fear that knowing somebody's real name imparts supernatural power over that person. To protect themselves from evil magicians, people in such societies share their true name only with family and close friends. Ironically, in today's financial system, if you know somebody's name, you have the power to take out financial transactions in their name. We've created a primitive system that makes identity theft inevitable. Social Security, credit card and bank account numbers are just identifiers--names--without which you wouldn't know where to send the bill. Perversely, we treat these names like passwords. We make a very ill-advised assumption that if you know one of these identifiers, then it must be your personal identifier. Unlike passwords, they aren't secret, so how can they not be stolen? Credit card issuers keep adding little information tags to the cards to make them more difficult to abuse, but these are just variations on a ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Virtualization server security best practices
by Thomas Ptacek
Avoid server virtualization security bad practices with these dos and don'ts. Get info on virtualization products, segmentation, implementation, avoiding malware, and staging, deploying and patching virtual machines, segmentation and implementation.
-
Product review: Credant Mobile Guardian 6.0
MOBILE SECURITY
-
Product review: Klocwork Insight 8.0
SOFTWARE SECURITY
-
Embedded Security Safeguards Laptops
Tech Focus: Secure From Within
-
Security Awareness Employee Training Essential to Infosec Program
Security awareness training initiatives such as online tutorials, newsletters, MP3s and prizes get the security message across to users.
-
Virtualization server security best practices
by Thomas Ptacek
-
-
Spam Blockers Losing Ground on Sophisticated Attackers
SPAM Spam hasn't been "solved"; in fact, the scourge has grown worse as attackers continually trump countermeasures and refine their focus on high-value targets.
-
Product review: Mu-4000 Security Analyzer
SYSTEM/DEVICE TESTING
-
Product review: Array Networks SPX2000
SSL VPN
-
Security Services: QualysGuard Security and Compliance Suite
At Your Service
-
GRC Tools Help Manage Regulations
GOVERNANCE, RISK AND COMPLIANCE We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game.
-
Spam Blockers Losing Ground on Sophisticated Attackers
-
Columns
-
CISOs Must Innovate to Enable Business
Editor's Desk: Be an Enabler
-
Architect Security and Compliance Programs to Be Complementary
Perspectives: Shake On It
-
Address Authentication and Transaction Validation Protocols to Stem Identity Theft
Layer8: Tarnishing Good Names
-
Interview: Financial Services CISO David Pollino
CISO Uses Predictive Analystics to Bolster Risk Management Program
-
CISOs Must Innovate to Enable Business
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...