[2793] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, August 27, 2012
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Aug 27 16:50:22 2012
From: Monique Yeaton <myeaton@mit.edu>
To: "ist-security-fyi@mit.edu" <ist-security-fyi@mit.edu>
Date: Mon, 27 Aug 2012 20:49:22 +0000
Message-ID: <CC6152AF.2D571%myeaton@exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1770187247=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1770187247==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_CC6152AF2D571myeatonexchangemitedu_"
--_000_CC6152AF2D571myeatonexchangemitedu_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Putting Data in the Cloud
2. Back to School: Protecting Kids' Identities
-----------------------------------
1. Putting Data in the Cloud
-----------------------------------
The central question for anyone doing cloud computing is, "do you have cont=
rol?" Reliance on a cloud vendor (like Dropbox, Google, Apple's iCloud and =
Amazon's EC2) could lead to breaches and in some recent high-profile cases,=
already has. Epsilon last year and Dropbox this year reported breaches of =
their systems.
The problem is that individuals can put personal- or business-sensitive dat=
a into a cloud storage service, where anyone with access to the server coul=
d potentially read the file. While the design of the cloud service allows t=
hird parties to access their user's accounts, it also leaves the data less =
secure than a system that encrypted the data before sending it into the clo=
ud.
These five best tips come from an article posted by CNN<http://www.cnn.com/=
2012/08/09/tech/web/cloud-security-tips/index.html>:
1. Back up everything - in the cloud or on the ground
2. Use a bunch (maybe hundreds) of different passwords
3. Don't link all of your accounts together
4. Use two-factor authentication on Google and Facebook
5. Don't use "find my Mac" on Apple computers
For interest, read Mat Honan's story<http://www.wired.com/gadgetlab/2012/08=
/apple-amazon-mat-honan-hacking/>, who lost all his photos and other data b=
y using cloud-based services when he was hacked.
--------------------------------------------------------
2. Back to School: Protecting Kids' Identities
--------------------------------------------------------
As back-to-school time approaches, children may be thinking about meeting u=
p with friends to share stories about their summer adventures. But when it=
comes to personal information, parents and kids need to be careful about s=
haring too much. These days the casual use of sensitive data (like a Socia=
l Security number on a registration form, permission slip, or health docume=
nt) can lead to identity theft, a serious crime that impacts thousands of k=
ids each year.
The FTC has resources available for parents to help them protect their chil=
dren from ID theft.
Read the full article<http://business.ftc.gov/blog/2012/08/its-back-school-=
time-protecting-kids-identities>.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_CC6152AF2D571myeatonexchangemitedu_
Content-Type: text/html; charset="us-ascii"
Content-ID: <D4179779159F5443B77455366D0216CB@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; ">
<div>
<div>
<div><span class=3D"Apple-style-span" style=3D"font-family: Helvetica; ">In=
this issue:</span><font class=3D"Apple-style-span" face=3D"Helvetica">
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">1. Put=
ting Data in the Cloud</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. Back to=
School: Protecting Kids' Identities</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
-----------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">1. Put=
ting Data in the Cloud</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
-----------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">The ce=
ntral question for anyone doing cloud computing is, "do you have contr=
ol?" Reliance on a cloud vendor (like Dropbox, Google, Apple's iCloud =
and Amazon's EC2) could lead to breaches and
in some recent high-profile cases, already has. Epsilon last year and Drop=
box this year reported breaches of their systems.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">The pr=
oblem is that individuals can put personal- or business-sensitive data into=
a cloud storage service, where anyone with access to the server could pote=
ntially read the file. While the design
of the cloud service allows third parties to access their user's accounts,=
it also leaves the data less secure than a system that encrypted the data =
before sending it into the cloud.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">These =
five best tips come from an
<a href=3D"http://www.cnn.com/2012/08/09/tech/web/cloud-security-tips/index=
.html">article posted by CNN</a>:</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<ol style=3D"list-style-type: decimal">
<li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">Back =
up everything - in the cloud or on the ground
</li><li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">=
Use a bunch (maybe hundreds) of different passwords
</li><li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">=
Don't link all of your accounts together
</li><li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">=
Use two-factor authentication on Google and Facebook
</li><li style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">=
Don't use "find my Mac" on Apple computers
</li></ol>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">For in=
terest, read
<a href=3D"http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-ha=
cking/">
Mat Honan's story</a>, who lost all his photos and other data by using clou=
d-based services when he was hacked.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica; min-he=
ight: 17.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
--------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. Back to=
School: Protecting Kids' Identities</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Helvetica">------=
--------------------------------------------------</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">As back-to=
-school time approaches, children may be thinking about meeting up with fri=
ends to share stories about their summer adventures. But when it come=
s to personal information, parents and
kids need to be careful about sharing too much. These days the casua=
l use of sensitive data (like a Social Security number on a registration fo=
rm, permission slip, or health document) can lead to identity theft, a seri=
ous crime that impacts thousands of kids
each year.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The FTC ha=
s resources available for parents to help them protect their children from =
ID theft.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><a href=3D=
"http://business.ftc.gov/blog/2012/08/its-back-school-time-protecting-kids-=
identities">Read the full article</a>.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height=
: 16.0px">
<br>
</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read all S=
ecurity FYI Newsletter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/"><span style=3D"text-decoratio=
n: underline ; color: #1e37ee">http://securityfyi.wordpress.com/</span></a>=
.</p>
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D</p>
</font></div>
<div style=3D"font-family: Garamond, sans-serif; ">
<p style=3D"margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><br>
</p>
</div>
<div style=3D"font-family: Garamond, sans-serif; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; font-family: Helvetica; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; -webki=
t-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; col=
or: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: norm=
al; font-variant: normal; font-weight: normal; letter-spacing: normal; line=
-height: normal; -webkit-text-decorations-in-effect: none; text-indent: 0px=
; -webkit-text-size-adjust: auto; text-transform: none; orphans: 2; white-s=
pace: normal; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-sp=
an" style=3D"border-collapse: separate; -webkit-border-horizontal-spacing: =
0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family=
: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; fon=
t-weight: normal; letter-spacing: normal; line-height: normal; -webkit-text=
-decorations-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: a=
uto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-=
spacing: 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px;=
font-style: normal; font-variant: normal; font-weight: normal; letter-spac=
ing: normal; line-height: normal; -webkit-text-decorations-in-effect: none;=
text-indent: 0px; -webkit-text-size-adjust: auto; text-transform: none; or=
phans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; -webkit-border-ho=
rizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; color: rgb(0, =
0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-va=
riant: normal; font-weight: normal; letter-spacing: normal; line-height: no=
rmal; -webkit-text-decorations-in-effect: none; text-indent: 0px; -webkit-t=
ext-size-adjust: auto; text-transform: none; orphans: 2; white-space: norma=
l; widows: 2; word-spacing: 0px; "><span class=3D"Apple-style-span" style=
=3D"border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -web=
kit-border-vertical-spacing: 0px; color: rgb(0, 0, 0); font-family: Helveti=
ca; font-size: 12px; font-style: normal; font-variant: normal; font-weight:=
normal; letter-spacing: normal; line-height: normal; -webkit-text-decorati=
ons-in-effect: none; text-indent: 0px; -webkit-text-size-adjust: auto; text=
-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing:=
0px; ">
<div style=3D"font-size: 12px; "><br>
</div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">Monique
Yeaton</span></span></span></span></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">IT
Security Communications Consultant</span></span></span></span></span></spa=
n></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">MIT
Information Services & Technology (IS&T)</span></span></span></spa=
n></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">(617)
253-2715</span></span></span></span></span></span></div>
<div style=3D"font-size: 12px; "><span class=3D"Apple-style-span" style=3D"=
font-size: 12px; "><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x; "><span class=3D"Apple-style-span" style=3D"font-size: 12px; "><span cla=
ss=3D"Apple-style-span" style=3D"font-size: 12px; "><span class=3D"Apple-st=
yle-span" style=3D"font-size: 12px; "><span class=3D"Apple-style-span" styl=
e=3D"font-size: 12px; ">http://ist.mit.edu/security</span></span></span></s=
pan></span></span></div>
<div style=3D"font-size: 12px; "><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></div>
</div>
</div>
</div>
</body>
</html>
--_000_CC6152AF2D571myeatonexchangemitedu_--
--===============1770187247==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1770187247==--
