Arquivo para August 5th, 2013
More about security and privacity
The issue is recurrent, since the internet (the middle physical´s initial) and Web (the popular application that started in the 90´s) were expanding it became more frequent, and is now a priority issue on the destination Web.
Now with former hacker official U.S. government announced the spying on American citizens and on other countries, it has become more important on the Web.
But security and privacy should not be treated as a single topic, although it is impossible to separate one from the other, in the privacy the individual knows what information people who allow them to be collected and published, and knows how to treat this information, but this should know how control this privacy.
According to an article from AT & T this information may be collected and would be correct to look at them.
Here comes the aspect of safety, only security should include factors that include physical security and human, ie “only security information” where factors including business, physical integrity of persons and / or disaster recovery may be included these factors, there is an international standard for this to ISO 17799.
Safeguarding customer information, this means that any site or social tool (not just Facebook, but mostly he) must protect the security, confidentiality and integrity of information from a “client”.
Management and Identity and Access Management (IAM, Identity and Access Management walks), which is undoubtedly the most critical factor of privacy, but not always given due attention because of the difficulty and cost of implementation.
Users are often employees, customers, suppliers, or a simple computational access to the environment and engage in corporate services without knowing what they do. The environments themselves are becoming increasingly complex, make offers “knowing” the taste of the client, exploring their consumption capacity and interconnecting applications.
The clouds are a particular danger for this invasion of privacy, SOA (Service oriented Architecture), since his own role as a service is to use the functions or services and not just traditional applications, and this causes the control access more difficult.
Security, coding, testing and application management is another risk factor, as application attacks have a great success due to the ease of vulnerabilities in most program code, programmers are famous for, the risks of programs written in Java, but weaknesses imply how many programs and services have been implemented.
Such findings may be accidental, such systems have recently been discovered in Apple’s iOS and Androids, showing that this is not the privilege of any company, but they are important as they are detected and remedied when companies advise their customers as part of a recall, but this is not done.
The safety aspects are not few, but should also include: protection and data encryption, protection against malware (viruses), managing and monitoring operational risk.