We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.


Blog: Shawn Rogers Subscribe to this blog's RSS feed!

Not Pictured

Thank you for visiting my blog. I am a Cofounder & Technical Advisor here at the BeyeNETWORK. Having covered the business intelligence and data warehousing industry for more than 15 years, I'm looking forward to a more interactive form of communication with all of you. Please share your comments and thoughts!

 

 

Recently in Security Category

webex2007_logo.gif

Goodbye Passwords – Hello Security
As I mentioned yesterday it continues to impress me how so many Web 2.0 companies are finding ways to serve the enterprise. This post should be especially interesting to any company in the banking and finance industries or for that matter any company that serves customers who “login in” or who have employees that access system that you want to secure.

A new company launched this morning here at the Web 2.0 Expo and it’s possibly the most brilliant yet simple solution I’ve encountered here. So let me lay this out, I’ll use a banking example. The common approach for you and I to access our online banking system is to use a username and password. The problem is that most of us can’t remember more than a couple passwords so what happens is that in the end we use the same one for just about everything we do. Very Insecure! Plus anyone who has spyware on their machine can be compromised the first time they use their password.

The other issue is with many security features like the code on my American Express card the security number feature exists where someone else could access it. If I lose the card or it’s stolen the person who ends up with it has the code.

So, here’s how the Vidoop system works to eliminate the authentication issues. They have a new approach to the “login in issue”. When you sign into the system for the first time you’re prompted to select several categories that you find easy to remember. They are associated with images you will receive when logging into a secure system. So let’s say you choose planes, trains and automobiles.

When you arrive at a login in screen enabled with Vidoop you will see a grid of random images each image has a letter next to it. The user looks for his categories in this case planes, trains and automobiles and enters the corresponding numbers as the login instead of a password. The great thing here is the images and codes change every time but its easy and secure because the only person the knows which numbers on the grid to use is the person who knows the categories to look for, plus the images change for every login so the plane on the first login might be a jet and the next time a bi-plane. To make it even more interesting when using Vidoop from a computer the system passes a token to the computer on the first interaction and from then on the Vidoop system looks for the token as well as the correct image recognition.

This is a powerful solution but on the surface it’s extremely simple to administer and distribute. If you’re challenged by security issue you should really look at these guys.


Technorati Tags: Web 2.0 Expo, Web 2.0, business Intelligence, Security, Vidoop, Banking


Posted April 17, 2007 12:15 PM
Permalink | No Comments |

Compliance and regulatory guidelines are often the drivers behind technology initiatives. Security issues have been especially affected. Is your company able to gather metrics on these programs? And perhaps more importantly can you see these metrics in a way that allows action? These are interesting questions, a recent survey by Frost and Sullivan indicated that 75% of the companies polled share their security reports with partners and others within the company. It seems to me that having a solid infrastructure and reporting methodology is required to insure accuracy.

Almost half of the executives polled, or 46%, have already begun using metrics to measure security value with about 43% planning to take action in the coming year.

Recently Intellitactics introduced the industry’s first security dashboard, Intellitactics SAM, featuring security assurance metrics. The dashboard provides decision makers with practical metrics to characterize and communicate security effectiveness. The metrics are designed to answer the question that executives ask everyday: “Are we secure, yet?”

I'm a fan of dashboard technology and I think the niche' Intellitactics has found could prove to be a very interesting one.


Posted April 20, 2006 3:58 PM
Permalink | No Comments |

A bit belated but still worth commenting on, January 19th marked the 20th anniversary of the first computer virus. The virus named "Brain" was built into the boot sector of a floppy disk and passed along as other disks were inserted into the virus carry machine.

By today's standards the virus was actually quite harmless all it did was change the volume name of your disk to "(c) Brain". It's interesting how fast an entire industry was born, Norton Anti Virus hit the scene in 1990 and soon was tracking and battling 1,500 known viruses. Today over 150,000 viruses are alive and well in the world of computers.

A great online resource for those of you wanting more info on security check out Schneier on Security


Posted January 29, 2006 1:43 PM
Permalink | No Comments |


Search this blog
Categories ›
Archives ›
Recent Entries ›
Twitter Updates