Target Breach Takeaway: Secure Your Remote Access - InformationWeek
IoT
IoT
Comments
Target Breach Takeaway: Secure Your Remote Access
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
hho927
50%
50%
hho927,
User Rank: Ninja
2/10/2014 | 2:02:28 PM
Re: Lack of security at Target
I work in IT. I know some IT people are lack of security training or simply lazy. They just want to make it work, Always try to take an easy route. The easy way is giving full access to accounts.

Why a HVAC account was allowed to access POS systems? Plus permission to install software? It has no role in that area.

If you work in IT, you have the right to say no. My managers often whine about access. I simply said no. If you have no role in that area why do i give you access?
edyang73
100%
0%
edyang73,
User Rank: Strategist
2/10/2014 | 1:57:59 PM
Tokenizing individual data
While credit card numbers have been tokenized for encryption, there's now the ability to tokenize inidividual pieces of data far beyond just 16 digits. All the way to files MB and GB in size. This means even if a server is breached, it's mathematically impossible to break the individual MicroTokenized files. 

http://multichannelmerchant.com/ecommerce/mass-retail-data-breaches-can-now-prevented-certainstores-microencryption-27012014/#_
majenkins
50%
50%
majenkins,
User Rank: Ninja
2/10/2014 | 1:25:01 PM
Re: Lack of security at Target
Fire the IT department????????? The entire IT department did not make the decisions that allowed the access you describe. In fact it may not have been anyone in IT that did. Often business users, managers, over ride the controls that IT wants to put in place.
hho927
50%
50%
hho927,
User Rank: Ninja
2/10/2014 | 12:08:22 PM
Lack of security at Target
You hit it on the head. Target can blame no one but itself. Why a HVAC account allowed to install software? This account should have only read access. Why a HVAC account could access POS? First Target gave to much priviledges to that account and there was no security audit at target. Target simply sux. They should fire their IT dept.
<<   <   Page 2 / 2


2017 State of IT Report
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll