INFOGRAPHIC: How Safe Are Your Passwords?

Avnet passwords infographic header

A quick review of SplashData’s 25 Most Common Passwords of 2014 shows how vulnerable so many of our systems and data still are to this day, relying on little more than “security through obscurity.” 

With nothing but a few characters keeping your identity and sensitive personal and financial information from would-be thieves and hackers, it’s important that those passwords remain as secure as possible.

In the infographic below, we’ve listed five important questions to ask to ensure that your passwords–and those of your employees–are as safe as they can be.

Redistribute this as you see fit or share this content socially; the only thing we’d ask is that you keep the Avnet header and footer intact.

We’ll be sharing more of these in the near future when the opportunity arises, so be sure to subscribe to this blog via email or RSS by clicking HERE.

- Steve

CLICK HERE to download a PDF version

 

How Safe Are Your Passwords Avnet infographic

Share or print this post:
  • Facebook
  • Twitter
  • LinkedIn
  • Google Bookmarks
  • Print
  • email
  • Reddit
Posted on Leave a comment

VIDEO: IT & Talent Management (Part I of II)

http://avnet.me/76831

IT & Talent Management part 1 screencap

Talent Management is the #1 priority for corporate executives in 2015, according to a survey conducted by The Conference Board.

As companies of all sizes compete for talent around the world, many are increasingly relying on IT and HR working together to help attract, retain and develop the best and brightest.

To find out how Talent Management is evolving in the global enterprise on 2015, I sat down for a two-part video interview with MaryAnn Miller, Avnet’s Chief Human Resources Officer and head of Corporate Communications.

To view part one of our brief two-part video interview, click the screenshot above or the link at right: http://avnet.me/76831

We’ll be posting Part II of our discussion shortly, so be sure to click HERE to have the latest blog posts and Tech Trends video sent directly to your inbox or RSS reader.

- Steve

Share or print this post:
  • Facebook
  • Twitter
  • LinkedIn
  • Google Bookmarks
  • Print
  • email
  • Reddit
Posted on Leave a comment

Explained: Data Loss Prevention

In 2014, an average of 2.67 million data records were lost or stolen every day, according to Breach Level Index.

That’s no surprise, given the steady drumbeat of breach-related news last year. Major brands like Target, J.P Morgan Chase, Home Depot, eBay and Sony Pictures all became victims of cyberattacks that jumped from the business page of the newspaper to the front page.

Anthem Healthcare has been the most recent victim, with an estimated 80 million records containing sensitive information such as birthdays, Social Security numbers, family members and more now in the hands of malicious hackers.

By the end of 2014, it’s no wonder that the NSA’s Director Admiral Michael Rogers echoed the sentiments of many corporate security and IT executives when he said that a major cyberattack is, “Only a matter of the ‘when,’ not the ‘if.’

This change in mindset is a significant one. Migrating from preventing a security event from happening to neutralizing the effects of an event when it happens is a significant strategic and tactical shift.

Protecting your data during a security event is broadly referred to as “data loss prevention” (DLP) and that’s why it’s one of my “Top IT Trends of 2015”. So with that in mind, I’d like to briefly outline what data loss prevention is and why it’s an important addition to any company’s security portfolio.

NOT ALL THREATS ARE EXTERNAL

In January 2015, Morgan Stanley announced that the identities and financial information of approximately 350,000 of their top wealth management clients had been stolen from the company. But this wasn’t the work of hackers overseas; the thief was one of their own financial advisors.

This was an extreme example, of course, and such criminal behavior is the rare exception. But data breaches due to a lost or stolen laptop—840,000 Blue Cross/Blue Shield of New Jersey subscribers—or a misplaced USB drive—33,000 medical records from a California hospital—are a much more common event.

The activities of hackers and identify thieves get most of the headlines, but statistics show that the majority of data breach events aren’t malicious; they occur due to the accidental loss or theft of laptops, mobile devices and portable storage.

In fact, an estimated 68% of all recorded security incidents in the healthcare industry over the last five years have happened for those reasons.

DATA LOSS IS DATA LOSS

In the DLP worldview, a deliberate cyberattack from an outside threat isn’t a whole lot different than a portable hard drive left at the airport gate. In each case, data that was previously only in the hands of the company no longer is.

When this happens an organization’s DLP processes and technologies work together to:

  • Minimize the potential loss of data in the first place.
  • Mitigate the risks of data loss if and when it does happen.

It does that by:

  1. Cataloging the company data and classifying it. Understanding what data are considered sensitive and where they are located in the organization.
  2. Monitoring the flow of data throughout the organization. This includes the movement of data across servers, PCs, mobile devices, cloud storage and collaboration tools, email, instant message and more.
  3. Protecting the data at rest and in flight. DLP tracks the movement of data around the organization and partner ecosystem to ensure that it remains within the policies and parameters set for that particular type of data.
  4. Managing and reporting potential risks. In the event that the established parameters for a particular set of data are exceeded, the DLP system would notify the appropriate individuals for immediate action or, in some cases, block data from moving from the device.

NOT ALL DATA IS CREATED EQUALLY

In order for DLP to work effectively, it’s essential to:

  1. Document what data are sensitive.
  2. Identify what individuals are authorized to access that data.
  3. Determine where that data can be safely accessed or stored.

For example, a PDF of a sales brochure could be shared on cloud collaboration sites and viewed by anyone inside or outside the company. In the event that a USB drive containing the file were to be left in the back of a cab, no action would be required.

The company’s database of employee government ID numbers would be a different story. This data would be highly restricted to just a few approved locations and users.

If the DLP system were to see data being copied from the database outside the company firewall by an unauthorized user, it would alert the company’s security team right away and document the data’s movement to mitigate any potential risks or damage.

BETTER EYES, NOT THICKER WALLS

In today’s business and security environment, data loss prevention is a strategy worth embracing.

As workers have become more mobile, a company’s sensitive data is no longer locked up deep in the corporate data center. It’s out on the edge of the network, circulating across a wide range of mobile and portable storage devices…devices that can be easily lost or stolen.

At the same time, the external threats waiting just outside the company firewall are smarter, more organized and more advanced than ever before. Facing an asymmetrical threat like this is impossible to defend by simply fortifying the perimeter and hoping for the best.

As data breaches—both internal and external—become all too common, data loss prevention offers businesses a way to stay out of the headlines by minimizing the chances of potential data loss, and working quickly to mitigate the damages in the unfortunate event that a breach does take place.

Share or print this post:
  • Facebook
  • Twitter
  • LinkedIn
  • Google Bookmarks
  • Print
  • email
  • Reddit
Posted on 1 Comment

INFOGRAPHIC: Eight Ways to Use Social Media Safely

social-media-infographic-EXTERNAL-v1-top

According to the Dutch security firm Gemalto, the number of lost or stolen identity records due to data breach was up 78% over 2013.

In another troubling trend, more than half (54%) of all data-hacking incidents were focused on identity theft rather than stealing financial or account information.

Don’t let your employees’ social media activity expose both them and you to potential identity theft. Share the eight simple tips below with your employees to allow them to stay connected without opening them up to potential cyberattacks in the process.

Redistribute this as you see fit or share this content socially; the only thing we’d ask is that you keep the Avnet header and footer intact.

We’ll be sharing more of these in the near future when the opportunity arises, so be sure to subscribe to this blog via email or RSS by clicking HERE.

- Steve

CLICK HERE to download a PDF version 

social-media-infographic EXTERNAL v1

Share or print this post:
  • Facebook
  • Twitter
  • LinkedIn
  • Google Bookmarks
  • Print
  • email
  • Reddit
Posted on Leave a comment

INFOGRAPHIC: Five ways to avoid a phishing attack

Phishing-blog-header-image

According to Verizon’s Data Breach Investigation Report, 78% of all cyber-espionage attempts last year relied on some form of email link or attachment sent to employees.

One of the most cost effective tactics any company can do to protect the security of its employees and data is teach them how to recognize phishing attacks before they—and you—become victims.

At Avnet, we’ve developed a series of simple infographics that we distribute to all of our employees to help them recognize and successfully avoid potentially risky online activity and behavior.

I’ve shared our infographic on phishing attacks below, with a few minor changes to make sure the content applies to anyone, anywhere.

I would encourage you to redistribute this as you see fit or share this content socially; the only thing we’d ask is that you keep the Avnet header and footer intact.

We’ll be sharing more of these in the near future when the opportunity arises, so be sure to subscribe to this blog via email or RSS by clicking HERE.

- Steve 

Please include attribution to Avnet, Inc.’s Behind the Firewall with this graphic.

Five Ways to Avoid a Phishing Attack

Share or print this post:
  • Facebook
  • Twitter
  • LinkedIn
  • Google Bookmarks
  • Print
  • email
  • Reddit
Posted on 1 Comment