The Importance of Password Management – Do the Eyes have it?

Password Protect

Password Management

One of the main drawbacks to the borderless space that comprises the cloud is that of security. Recent breaches such as Heartbleed, Target and Home Depot demonstrate that crucial data – the passwords and PINs that keep the bad guys away from our money and information, need constant vigilance and upkeep, primarily in terms of keeping passwords complicated and unique.

For many, this becomes too much work, which is why the most common passwords, such as 123456 are still heavily used.

The importance of security has always been paramount, but is about to become a whole lot more critical as the Internet of Things opens the world of data up from simply PCs and phones to refrigerators, baby monitors, home automation systems and much more. With each of these items able to talk to each other across a common platform, any one simple misappropriated password attached to one device becomes the entryway that can infect an entire system, much like the hugely complex human body can be brought down by a single insect bite or infected needle.

The Open Web Application Security Project (OWASP) recently released a list of the top ten security weaknesses of the Internet of Things, which included Insecure Web Interface, Insufficient Authentication/Authorization, Lack of Transport Encryption, Insufficient Security Configurability, and Poor Physical Security.

One company that seeks to change this is Eyelock, a New York City-based company whose new product, Myris, promises to deliver secure access literally in the blink of an eye. It sells an inexpensive device that consists essentially of a mirror and a camera to read the unique pattern of a person’s iris, and can do so even if the individual is wearing glasses. Eyelock’s people state that the application can also distinguish between a real eye and a picture of an eye.

eyelock

Iris and retina readers are the newest and most James Bond-like of security devices, but just below them on the glamour scale rests another concept, that of the online password keeper. Applications such as LastPass not only remember all the passwords that a user might have for his/her many applications and websites, but also generates highly complex ones consisting of numbers, letters and symbols. The idea behind LastPass is that the only password needed from this point on is the one that opens up the LastPass application itself.

Such sophisticated approaches to defending data are only as strong as the weakest link, which, as always, is the human user. From the overly simple (123456, qwerty and the actual word “password” topped the Huffington Post’s annual ranking of bad passwords for 2013), through to sloppy human usage – leaving a browser open, leaving passwords written down, or forgetting to log off – human actions will always be the ones that will leave a computer – and every single device that the computer can talk to – open and exposed.

Literacy, in the age of the Internet of Things is about information management, and this includes protection of that information.

By Steve Prentice

Ramanan GV

Establishing a Unified Governance Model for the Digital Workforce

Increase visual control and reduce OPEX by 30% The Digital Service Providers (DSPs) are riding an automation wave. Painful manual tasks, which burdened staffs for ages, can now be easily handled by the software bots ...
Brad Thies

SOC Reporting Requirements You Need to Know in a Cloud Environment

SOC Reporting Requirements Security lapses in some of the world's biggest companies continue to appear in news headlines, and information security is top of mind for businesses. Perhaps as a result, SOC reports are becoming ...
Robots

How DSPs can Improve Straight Through Processing Rate in RPA Implementations by up to 82%

Robotic Process Automation Digital Service Providers (DSPs) today are well placed to take advantage of next-generation technologies like Robotic Process Automation (RPA), Machine Learning, and Artificial Intelligence. As most of the smart DSPs have already ...
Scott Leatherman

Beware the Perils of Blind Cloud Provisioning

The COVID-19 Rush to the Cloud Results in Steep Costs and Chaos For many companies, their data center capacity was not built for the instant tsunami-sized jolt of increased load caused by the global pandemic ...
Kayla Matthews

The California Consumer Privacy Act: What You Should Know

The California Consumer Privacy Act GDPR or the European Union’s General Data Protection Regulation effectively altered the way that businesses interact with European citizens. It doesn’t matter whether a company is located within the boundaries ...
Flexiant Tony Lucas

There Are Still Opportunities For Service Providers

Opportunities For Service Providers Service providers (SPs) still have a golden, but short-lived opportunity to commercialize the $266.4 billion cloud services market before AWS and others call it “game over.” By being more agile, able to ...