Here’s why companies are still getting hacked
Companies are getting it wrong when it comes to protecting their data. Here’s why, says Ken Levine.
Sourced through Scoop.it from: www.cnbc.com
Even the Trojans knew what it meant to have the bad guys inside the wall. Quick sudden death. And still we keep investing in higher walls and more secure gates (firewalls). Of course, we still need them to keep the nobodies out, and, yes, we need to keep investing in our fences and walls. But, we must realize that there is no such thing as a “private network” with trusted users, devices, servers and safe zones.
The only way forward is the “zero trust” approach where we protect the actual data at rest and in transit, always encrypted. Authentication has to be smart and adapting to situations, where transactions out of the ordinary sounds alarms as well as adds more factors to a multi-factor requirement. For instance, if you log on from a new place or at a time that you usually don’t, you should automatically be required to authenticate with for instance a pin code on your phone or some biometrics.