Using your FitBit to login? Anything is possible

Man-taking-Pulse

Did you know that each individual has a unique heartbeat? Researchers from the University of Toronto (Foteini Agrafioti and Karl Martin) have fitted a watch with an electrocardiogram (ECG) sensor to scan your heartbeat and compare it to a database of pre-recorded cardiac rhythms for a match. If successful, this can be used to authenticate the user for email, online banking etc. This is called Nymi, created in 2011 and has been successfully trialled by the Royal Bank of Canada and Halifax – Lloyds Banking Group. If this takes off, every smart watch may be used for user authentication (e.g. Fitbit)

The good: Seamless user experience, less reliance on passwords, works even during elevated heart-rate

The bad: False positives, man-in-the-middle attacks (from continuous authentication), competition against Apple Pay

The overall: Wearable technologies will disrupt the way in which we carry out our everyday tasks. Great competition in this area will hopefully result in a better overall experience for the end user.

For more reading:

https://www.nymi.com/

http://www.wearabletechnologyinsights.com/articles/7368/your-heartbeat-as-a-unique-id

http://www.dailymail.co.uk/sciencetech/article-2993170/Halifax-replaces-passwords-HEARTBEATS-Bank-completes-trials-cardiac-authentication-online-accounts.html

3 PR disasters caused by innocent mistakes

badhillary31

What the Hillary Clinton email scandal proves is that you don’t even need a proven data leak to brew a public relations storm. The media will punish you nevertheless. It was recently discovered that Hillary Clinton ran a private email server from home for all emails, including work related ones. This makes it easy for eavesdroppers to obtain state secrets. (Which they can do without her knowing) Given that she is Secretary of State and in regular contact with the President, this is bad news for US national security. How bad? The backlash is severe and may affect her chances of securing Presidency at the next election. She is not alone though. History is littered with many examples of how disastrous, even a potential data leak may be.

1. Bank of America

In 2005, the Bank of America lost unencrypted backup tapes containing the banking and credit card details of 1.2 million federal employees (including senators). This was embarrassing. Technology executives were forced to issue public statements about the loss and regulators made fresh inquiries into whether new regulations were needed. 

2. NARA

In 2009, the National Archive and Records Administration lost two unencrypted hard drives. One contained the names and social security numbers of 76 million US military veterans. The other contained the private information and social security numbers of 250000 White House employees (including the daughter of Al Gore). They were thrashed by the media and had to compensate the victims. A $50,000 bounty was also offered for the missing hard drives. Not sure if that offer still stands. 

3. Emory Healthcare

In 2012, Emory healthcare misplaced 10 unencrypted backup discs containing 315,000 patient file records and social security numbers. These were misplaced or stolen after being placed in an unlocked cabinet. They were never found. The CEO of the company had to publicly apologise for the data breach. 

This may seem extreme but this is more commonplace than you would think, even in companies with solid IT Security controls. Voltage security found that 85% employees bypass security controls to get access to more data and 46% companies have breached security controls to avoid the possibility of a sales loss. The worst offenders are senior managers. Stroz Friedberg found that senior executives are the guiltiest culprits when it comes to sending work emails to their personal email and taking intellectual property with them when they leave the job.

To defend against this, classify information, encrypt your data and increase security awareness across all levels. 

Mind the HUGE Gap: The Key Difference between Securing Mobile Devices and PCs

Inside BlackBerry for Business Blog

86510843

It is generally accepted that mobile operating systems were developed with more security in mind than their desktop counterparts. It took Microsoft quite a bit of time to plug security holes in Windows due to design decisions made in the early 90s, and even then they had to tear up the manual and start from scratch with Windows Vista (in 2006).

So why is it that with these more robust mobile platforms, we are constantly being warned about the security risks to our enterprise data? The answer is actually much simpler than you think.

The Threat Posed by Apps

Excluding complex targeted attacks, the threat against PCs is, dare I say, under control. Attempts to infect standalone computers need to make it past all of the network defenses and even then once a computer is “owned”, exfiltrating information would have to once again make it past yet another gauntlet of

View original post 596 more words

3 Questions for Teachers. Are they adequately preparing young minds for the Internet of Things?

teacher_child_computer2

We have become so immersed in Technology that everyone from babies to retirees are online. My mum, who used to struggle with the most basic computer tasks (turning the computer on/off) is now addicted to her mobile and tablet devices. This phenomena will only increase as a plethora of new digital technologies emerge to disrupt traditional streams.

What this means is that Technology skills are no longer just limited to the domain of IT administrators, but in every business and industry. Some countries, like Australia, are already building Technology skills into their primary/ elementary school curriculum. Even from the perspective of a Generation Y-er, this is radical. As technologically savvy as we are, we received our education from the good ol’ textbook and pen. We had a classroom computer in primary school and maybe one shared computer at home, connected to dial-up. Our backs would ache from the heavy textbooks in our backpack.

To prepare the next gen for the digital revolution, our teachers need to set a good role model and embrace technology themselves.

1. Protecting online identities: Do teachers teach or preach?

Preaching is telling someone what to do and teaching is to share an experience. A teacher giving a lecture about online safety is even more powerful if they can back it up with their own experiences of setting up a personal brand online and protecting their own online identities.

2. Are female teachers setting good role models for girls?

I used to think technology was hard. If I told my teen self that I would be working in IT, my teen self would laugh, even though I was quite proficient with computers. When I was a little girl (around 6?), I managed to set the time on an oven, after all the adults had given up. It wasn’t because they were dull or I was bright, I was just more persistent than them.

So what happened?

In primary and secondary school, a lot of technology would fail during key presentations (VCRs, projectors, computers etc.) and if a female teacher was presenting, she would either call “one of the guys” to fix it or be taken over by one. Watching these smart, inspirational teachers get defeated by technology and needing to be rescued may have affected my own confidence in technology. Even if she tried to fix it, one of the boys would inevitably take over. He may fumble a bit but the class will wait for him to figure it out. Some female teachers would even complain that technology is just too difficult to understand. No wonder I felt that Technology was a guys domain!

3. Are teachers positively embracing digital? 

There is nothing more discouraging than to hear someone of authority complain about something being too difficult or hard. Teachers may make comments like “I don’t get coding” or “I can’t keep up with the changes” on the side and not realize how these comments affect the confidence of young minds. On the flip side, imagine how inspirational it may be for young people to hear about how their legal studies teacher created his/her own crowd-funded website and blog that has 1,000 followers!