Google, Apple, and Yahoo moving away from passwords

This article discusses efforts made my Google, Apple, and Yahoo to move away from password sign ins.  Passwords are often poorly structured and hard to remember; I know that many people use the same password for different sites for the sake of convenience. I could not keep track of my passwords without LastPass. Biometrics is certainly a growing area. I secure my smartphone, tablet, and laptop with my fingerprint. This system is more secure than a password, of course. I find it works well, although I often have to swipe my thumb more than once to unlock the device; if I have any body lotion or moisture on my skin, for example, the device cannot read my fingerprint. There is a backup password for your fingerprint if, say, you injured your finger and are wearing a bandage, plaster, and so forth. Retinal scanning would be more convenient, but we’re not there yet. I know that you can use voice or photo recognition via Windows Hello, but I still prefer to use my fingerprint, as I think it’s less amenable to distortion. I am prone to throat infections, for example, so I don’t think that Windows Hello could manage access when I have laryngitis.



2015 information security breaches survey

The 2015 information security breaches survey was commissioned by the UK government, and conducted by PwC.  The executive summary highlights the following points:

  • 90% of large organisations reported that they had suffered a security breach, up from 81% in 2014.
  • The majority of UK businesses surveyed, regardless of size, expect that breaches will continue to increase in the next year. The survey found 59% of respondents expected to see more security incidents. Businesses need to ensure their defences keep pace with the threat.
  • For companies employing over 500 people, the ‘starting point’ for breach costs – which includes elements such as business disruption, lost sales, recovery of assets, and fines & compensation – now commences at £1.46 million, up from £600,000 the previous year. The higher-end of the average range also more than doubles and is recorded as now costing £3.14 million (from £1.15 in 2014).
  • Large and small organisations appear to be subject to greater targeting by outsiders, with malicious software impacting nearly three-quarters of large organisations and three-fifths of small organisations. There was a marked increase in small organisations suffering from malicious software, up 36% over last years’ figures
  • Staff-related breaches feature notably in this years’ survey. Three-quarters of large organisations suffered a staff-related breach and nearly one-third of small organisations had a similar occurrence (up from 22% the previous year).
  • When questioned about the single worst breach suffered, half of all organisations attributed the cause to inadvertent human error.

Calculating the value of information

This article makes some very good points about the need for records and information management professionals to make a strong case to senior management about the value of information.  The author states that RIM professionals often lose the opportunity to convince senior management about the importance of information management because their focus is on compliance, rather than on what value information has for the organization:

What I find is that they often don’t consider how they waste their few chances to do so, usually by leading their pitch with the need for compliance, or system features. Senior managers have to juggle a large number of obligations and demands on their attention, and they will quickly tire of someone who keeps reappearing, only to tell the same story repeatedly.

The author points out areas of value in which information adds value that RIM professionals can focus on:

  • recruitment
  • contract management
  • any approval process that includes multiple authorisations
  • meeting management
  • workers’ compensation claims
  • asset recording and verification
  • customer complaint handling
  • enrolments
  • employee performance management
  • case management
  • procurement



Fitness tracker privacy and security

A report on fitness tracker activity has just been published by OpenEffect,  Canadian not-for-profit applied research organization focusing on digital privacy and security, and The Citizen Lab at the Munk School of Global Affairs, University of Toronto. The scope of this report is as follows:

Every Step You Fake explores what information is collected by the companies which develop and sell some of the most popular wearables in North America. Moreover, it explores whether there are differences between the information that is collected by the devices2 and what companies say they collect, and what they subsequently provide to consumers when compelled to disclose all the personal information that companies hold about residents of Canada.

The report does not contain any conclusions or specific recommendations yet, so this is obviously very preliminary at this point.  Some points raised, however, include:

  • Seven of the eight wearables tested revealed unique Bluetooth identifiers that  allowed them to be tracked by nearby Bluetooth beacons. Beacons are used more and more in stores and malls to profile shoppers and push tailored offers.
  • While the devices themselves show the wearers’ location, the accompanying apps provide more personal information, e.g., they failed to protect against interception and tampering when they were transmitting data between smartphone, wearable, and the wearable company’s own servers.

I have worn a fitness tracker for some years now, and I tend to not have my Bluetooth device active on my smartphone when I am away from home.  I sync my wearable device when I am at home.  I’m not sure how much protection this affords me.  The default setting on my Bluetooth is to not make the device visible to anyone other than me, but I’m not sure if this is sufficient.  I minimize the information I load to my tracker; I don’t include what I’ve eaten, or track my sleep, so at least I do control how much of my personal information is tracked.  Still, this report does raise a few red flags, even as preliminary as it may be.


8 Must-Have Mobile Tools For Road Warriors

This article lists eight tools to support your mobile devices while you are on the road. I already use a wireless keyboard, an external drive, and a portable smartphone/tablet charger.  I store most of my documents in the cloud, so an external drive isn’t always necessary when I’m travelling, but I do use one to backup my cloud drives.  Noise-cancelling headphones (preferably from Bose) are on my list, although I would prefer the ear bud types, as the over the head types, while probably better, are too bulky.  The challenge with travelling, of course, is the large number of items that you carry with you to support your mobile office. It can get a little out of hand.