Secure in My Identity

Bruce Kirkham (CIO)
11 October, 2005 10:03
Comments

"Take security issues into your own hands," the experts told me. Now all I've got are sore hands . . .

I admit it - I'm to blame. I used to think viruses, spam and security breaches were caused by bored students, criminals and Nigerian princes. They were assisted by people in Redmond releasing operating systems with holes in them, ISPs who let spam mail through or education authorities who taught people to spell (I used to pick dodgy e-mails by the poor spelling).

Having read reports by Gartner and others on security, I now know the mistake lies with me. It was me who didn't download yesterday's urgent patch until today, me who didn't turn on all the security protection that the vendors don't turn on in the base product and me who didn't test that the latest mandatory patch would stop my database working.

How could I possibly predict that opening unsolicited e-mails with attachments promising naked tennis player pictures or lengthening tips (in both meanings) could result in a virus attack? Anti-spyware vendor Webroot says the average business computer has 27 spyware pieces, which prompted me to check mine. My laptop had 83, but I've always considered I was well above average.

The real trouble is that hackers appear to read their e-mail more regularly than I do, because as soon as a security update bulletin is released, new viruses exploiting it deluge me while I'm still installing last week's patch.

My other security issue was wireless access. In tracking down what was causing a sudden huge excess in downloads, I discovered a guy parked outside with a Pringles can antenna. While he was engrossed in his laptop, I snuck outside and siphoned all his petrol. Then I blocked his access and watched as he drove away. He only made it 300 metres. These days petrol is worth a lot more than megabytes, so I reckon we're even now.

I have unearthed a valuable shareware tool that eliminates the most insidious virus to contaminate the business world: non-comprehensible corporate speak. Bullfighter (ouch!) analyses documents and presentations to reveal buzzwords empty in meaning. I recommend it highly to other people (clearly I do not require surveillance by a technological device in order to establish clarity in the phraseology within these literary oeuvres).

The biggest security issue today is identity stealing. Viruses are increasingly originating inside company DMZs, credit card identities are being stolen and the spotlight is now on biometric user authentication. The most common method is handprint recognition, although movies tell me iris recognition is the way to go. A more accurate biometric target is the ear, according to groundbreaking work by Southampton University researchers (when will they get a real occupation?). The ear is ideal as it changes very little between birth and old age. The drawback is that hair can obscure the ear, but I'd overcome that by mandating all employees have number three haircuts.

It was while working with health researchers that I hit on the best biometric test. We all know DNA is the most accurate individual marker, and tests have become cheap and rapid. So I've changed my computer keyboard to incorporate a DNA analysis test and have embedded tiny syringes into those little bumps on the keytops between D & G and between H & K. Each time either key is struck, a small blood sample is taken, analyzed and compared to the stored user record. Should the DNA records not match, the system is immediately locked.

As a biometric security device, it has been an outstanding success. The only downside is it causes considerable pain in the index digits when typing large documents.

Which is why, excepting one proper noun that I couldn't avoid, I've not used those two letters throughout this entire article. It's a small price to pay to guarantee accurate user identification (ouch!). v

Bruce Kirkham is a veteran IT professional specializing in leading-edge technologies and scepticism, who views the IT industry not so much as "dot com" as "dot comedy"

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email CIO
Follow CIO on twitter

More about: Edge Technologies, Gartner, HIS Limited, IRIS, RECKON, Webroot

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Latest Stories

Community Comments

"Hi there! Do you use Twitter I’d for instance to follow you ..."

Leaving your job? Take your data with you
"I recently came across your blog and have been reading along. I ..."

Australia's first 4G smartphone is the HTC Velocity 4G
"I am crazy about this blog. I have visit so lots of ..."

Social networking, ignorance, and apathy
"Thanks in favor of sharing such a pleasant thinking, paragraph is nice, ..."

China's Alibaba sees big growth with AliExpress site
"I have a bully boss who even has a tshirt that says ..."

10 Tips for Dealing with a Bully Boss

Latest Blog Posts

Whitepapers

Optimised Data Protection for VMware® Environments with Symantec NetBackup™ Appliances
VMware® remains the most widely deployed virtualisation solution. The explosive growth of VMware infrastructure in organisations both large and small has enabled corporations to more fully exploit their hardware investments. With multiple virtual machines running on few physical hardware nodes, hardware costs are reduced, as well as space, power, and cooling requirements. This white paper discusses in more detail how VMware environments can be protected with the NetBackup appliances. Read more.

Learn more »
Information Security Policies, Standards and Procedure
As a result of the adjustments in the way business is conducted, ownership of information does not carry the same clear accountability it once did. Physical and behavioural boundaries used to exist around information management but these can be missing in the modern workplace. Clearly thought-out information security policies, standards and procedures addressing internationally supported standards, will go a long way to addressing the risk exposure these changes have created. In this third paper, “Policies, Standards and Procedures,” we discuss guidelines for effective information security management.

Learn more »
CommVault Extends its Data Protection and Information Management Strategy with Simpana 9
This IDC Insight explores the differentiators of CommVault's Simpana data and information management software and the customer challenges the help address. The focus of this Insight is on the data management and data protection capabilities on Simpana.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

Consolidated Storage for Virtualised Server Environments

This research brief is based on a recent Tech Target survey with more than 200 storage administrators and IT professionals in mid-sized and enterprise-class companies, and focuses on how these ...

Secure in My Identity

Comments

Post new comment

Building trusted relationships

Planning your IT career

Taking the risk out of diversity

5 open source help desk apps to watch

How to create a clear project plan

IT service management going social

BYOD security: How to protect your business on the move

5 open source billing systems to watch

Face Time - Interview with John Brennan and Robert DiStefano

All Systems Down

IT service management going social

Australia's first 4G smartphone is the HTC Velocity 4G

Survey: Over 97 per cent of enterprise tablet users got an iPad in Q1

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Consolidated Storage for Virtualised Server Environments

The Pathways ICT Leadership Development Program Brochure and Curriculum 2012