Ebba Blitz

Engadget Editorial Policies

The unique content on Engadget is a result of skilled collaboration between writers and editors with broad journalistic, academic, and practical expertise.

In pursuit of our mission to provide accurate and ethical coverage, the Engadget editorial team consistently fact-checks and reviews site content to provide readers with an informative, entertaining, and engaging experience. Click here for more information on our editorial process.

Stories By Ebba Blitz

  • engadget
    0
    Cybersecurity
    Cybersecurity By Ebba Blitz

    The Link Between Encryption and Trust

    By Ebba Blitz, CEO of Alertsec. Trust is the foundation for most relationships—with husbands and wives, with parents and children, with employers and employees and with businesses and their customers. Trust is required for success, and the loss of trust dooms many relationships. Trust is a major factor when a prospect is making a buying decision. Prospects who don't believe in the integrity of a company and/or the reliability of its products will rarely, if ever, become buyers. And when you lose your customers' trust, you ultimately also lose both revenue and shareholder value. A recent example of this is when the personal data of the NFL's Washington Redskins players that was put at risk. Confidential player data was put at risk for compromise after a laptop computer belonging to a Redskins athletic trainer was stolen. While the laptop was password-protected, it was however, unencrypted. What happened to the Washington Redskins was a total fumble on computer security. While we should be surprised that the laptop was not encrypted, our research shows most companies do not ensure their laptops are encrypted until a breach like this takes place. Ultimately, this security fumble proves why everyone needs encryption. The password protected laptop likely created a false sense of security. According to our own research businesses overwhelmingly fear that standard security precautions create a false sense of security for laptop and mobile users. For example, more than two-thirds of executives (68%) believe auto-saved passwords are not secure. Nearly half (48%) of SMB executives believe never logging out of user profiles decreases security, followed by having 4-6 digital passcodes (45%). Over one in five SMB executives (23%) believe lock down (when functionality of the system is restricted) is not secure, while 16% believe that lock ups (when multiple password attempts failed, causing restrictions) are also insecure. You can see the research here. This incident shows why encryption as a service is so valuable. Obviously the NFL has the resources to afford any encryption offering – but in this case, that did not happen. For those who want a cost-efficient solution and do not want to allocate resources to an IT department to manage encryption, we recommend encryption as a service.

    By Ebba Blitz Read More
  • engadget
    0
    Cybersecurity
    Cybersecurity By Ebba Blitz

    How Trust Affects IT Security and Subcontractors

    Recently T-Mobile used Experian, a subcontractor, to do the credit reporting for consumers who signed up for the company's mobile services. More than 15 million applicants had their personal information stolen by hackers from a server maintained by Experian. No one knows exactly how the hack occurred. We do know that the stolen data included Social Security numbers, driver's license numbers and dates of birth, and this kind of information is gold to an identity thief. Unfortunately, the data may not have been encrypted on Experian's server. These data crooks can open new credit lines, file bogus tax returns and in many other ways steal identities for profit. A breach that "only" compromises credit card information can be remedied by cancelling the card, whereas personal information is, well, personal! Factoring Data Breach Costs Data breach costs can range from class action lawsuits and fines to the deployment of new IT measures and the education of employees. But the biggest cost is the loss of revenue that can result from the loss of trust. As a result, information security is an issue that is now addressed in corporate boardrooms. According to the Ponemon Institute, the average cost of a data breach is at least $3.5 million per company. Costs include class action lawsuits, fines, deployment of new IT measures and the training of employees. But these costs pale in comparison to the loss of trust. It can lead to both short-term and long-term damage. In fact, some companies never recover from the loss of trust. Hence, it is clear that a company's most valuable asset is its reputation. How can it best be protected? What About Laptop Security? Industry estimates are that six out of ten breaches emanate from a lost or stolen laptop. The more information we store in the cloud, the more we need to secure the endpoints. Especially since user names and passwords are stored in the browser, a hacked laptop could mean giving away the keys to the kingdom, and it often goes unnoticed...until real damage is done. Encryption to the Rescue Many companies such as those in the insurance and financial services industries, given the sensitive nature of the data to which they have access, are obligated to leverage third-party protection to the highest possible standard: full disk encryption. But there is a problem, especially in small- to mid-sized organizations. When it comes to the installation of full disk encryption, deployment and management are typically the responsibility of an IT department. But small firms don't have IT departments, and the employees themselves are busy with day-to-day responsibilities and don't have the resources or the skills to handle this themselves. The ideal solution for these firms is to rely on a provider of endpoint security as-a-service to handle encryption deployment and management. Trust me.

    By Ebba Blitz Read More
Back
Next