Pointers: Recommended reading

Lessons learned from data breaches; Password hackers on the loose; the Internet and civic engagement; and Twitter guidelines

Data breaches: 5 security lessons learned
Source: InformationWeek

An analysis of three data breaches in the private sector provides some hard-earned lessons for any organization that stores personal data.

Lesson No. 1: Get serious about Web security. It’s not enough to install firewalls and keep up with security patches, according to the article. Security must become part of the application development process.

The authors also note that intrusion detection systems, vulnerability scanners and other security tools can never keep up with the bad guys. They advise using event management systems and similar technology to watch for unusual traffic that could indicate a possible security problem.

Password hacking: Sizing up the threat
Source: InfoWorld

InfoWorld’s Roger Grimes identifies the six most daunting threats to the security of your password.

One technique is password sniffing. It involves installing a standard network protocol analyzer — often called a sniffer — between the authentication client and authentication database, Grimes said. If the log-on credentials are not protected en route, they are easy pickings.

Other techniques try to avoid the log-on process altogether. In authentication bypassing, hackers might use a separate boot disc to gain access to the data partition they want without ever seeing a log-on prompt.

The article discusses the best defenses against those and other techniques.

The Internet and civic engagement
Source: Pew Internet and American Life Project

The nation’s well-to-do could lose their grip on the political process thanks to the Internet, according to a new report from the Pew Internet and American Life Project.

On the one hand, the digital divide is still apparent: People who are educated and financially secure are more likely to participate in political activities, such as sending a letter to a government official or making a contribution to a candidate — whether they do it online or off-line.

But socioeconomic factors appear to play less of a role in the type of political involvement that centers around blogs and social-networking sites. That is because younger users — ages 18 to 29 — have higher levels of online engagement than their older and more affluent counterparts, the report states.

Twitter guidelines: The UK edition
Source: The E-government Bulletin

Government officials in the United Kingdom recently drafted guidelines for agencies that want to join the conversation on Twitter.

The guidelines highlight the various objectives Twitter might help agencies achieve and metrics for measuring their success. For example, if agencies hope to provide “thought leadership,” they should measure the frequency with which their updates are retweeted by other users.

The guidelines also identify risks and possible mitigation strategies. For example, agencies concerned that sensitive or embargoed information might be published in error can develop light but effective procedural controls or require that a digital media team approve all tweets before posting.

About the Author

John Stein Monroe, a former editor-in-chief of FCW, is the custom editorial director for the 1105 Public Sector Media Group.
