jump to navigation

Never Secure Enough January 28, 2009

Posted by Chuck Musciano in Leadership, Technology.
Tags: ,

Many are predicting that 2009 will be a big year for The Cloud, wherein many companies will move many of their applications to the cloud, away from premise-based servers and storage.  A lot of the conversation about this revolves around network speeds, processor virtualization, and storage aggregation.  Although all of that is important, I’m more concerned about security.  More specifically, who in the cloud can see my data?

When I host an application internally, I have extremely tight control over access.  Not just who can use the system, but how the administrators can access the system and the underlying data.  We have layers of controlled access with specific checkpoints and audit trails.  Every access must be justified, documented, and audited on a regular basis.

When I shift a system to the cloud, I typically retain the ability to manage end-user access, but have no control over administrative access at the other end.  Of course, the hosting company will swear up and down that every precaution has been taken to keep anyone from ever seeing my data.  In reality, I have no idea what they really do behind the scenes, and I have no way to completely verify their claims.

The recent Twitter hack is a great example of this.  An admin at Twitter used a plain word (“happiness”) as their password. This was hacked by a person using a simple dictionary attack, trying every possible password until they broke in.  Once inside, they had immediate access to the Twitter management tools and proceeded to gain control of a number of high-profile Twitter accounts.  Fortunately, Twitter is a lightweight application with no important data that could be compromised. Still, people were embarrassed and disrupted by the penetration.

A chain is only as strong as its weakest link.  A system is only as secure as its weakest access point.  When you move your systems to the cloud, your data is only as secure as the worst password used by the least experienced administrator.

I believe I’ll wait a bit longer before moving to the cloud.

[tweetmeme source=”EffectiveCIO” alias=”http://j.mp/cio161″ only_single=false]

Say The Secret Word! January 19, 2009

Posted by Chuck Musciano in Random Musings, Technology.
Tags: , , ,
add a comment

It has become fairly common for sites to enhance their security by asking you to answer a few “secret questions” to confirm that you are, in fact, you when updating account information or even just logging in.  As a result, users now have the opportunity to forget several bits of information for each web site they visit, instead of just forgetting their password on a regular basis.

We use this approach at my company, where users can reset their passwords by answering special questions.  The system we use even lets people pose their own questions, which led to one user to create this question:

Question 1: How do you feel today?
Answer 1: Good

So far so good.  Here is their second question:

Question 2: How do you feel today?
Answer 2: Bad

I kid you not.  Not surprising, this user eventually forgot their password, and it took quite a while for us to figure out why they could never access the automatic password reset system.

Here’s my helpful usability tip for the day: No matter what the secret question, use the same answer every time.  Choose something different from your password, but use it consistently.

People are astounded when I suggest this.  It never occurs to them that the system cannot check to make sure that “groucho” really is the name of the first person you kissed, or your first pet, or your second grade teacher.  It just wants a string of characters that only you know.

Before all the security people reading this freak out, I’ll concede that this is not a security best practice.  It leaves you vulnerable to some tiny chance of a security breach.  You assume all the risk if you choose to go this route.  Et cetera.

But in reality, this is much better than the approach most people take, which is to write all this stuff down on a Post-It note and stick it on the monitor.  (Security-conscious users put the Post-It under the keyboard, or in their desk drawer.  Thanks for incorporating physical barriers into your security practices!)

Security breaks down when security systems are too complicated. People revert to simple solutions just because they want the computer to get out of the way and let them accomplish the task at hand. We need to stop creating complicated, unusable systems and focus on simple, usable ones. With security, as with everything else on earth, it is tough to make things foolproof because fools are so ingenious.

Brownie points to readers who know why I chose “groucho” as my answer!