As the digital storehouse of sensitive data grows, the quest for secure authentication continues. Heartbleed jarred many of us. Data on our most popular (and presumably better protected) sites was exposed and, in some cases, compromised. The introduction of biometrics was a step in the right direction but Heartbleed reminded us that biometrics only protect a device; currently, such technology doesn’t fend off hackers from laptops, desktops, and the individual websites and apps that we use each day. Most of our data is still protected via password and even the cleverest passwords meet their match when hackers are intent to crack them. This poses a huge hurdle for companies whose user passwords protect countless pieces of sensitive client information. Fast Identity Online Alliance (FIDO), whose members include the likes of Google and PayPal, seek ways to decrease dependency on passwords. Its goal is to develop “technical specifications that define an open, scalable, interoperable set of mechanisms that reduce the reliance on passwords to authenticate users.” In other words, create simpler, stronger authentication. One of FIDO’s most recent innovations is a piece of hardware, simply called the authenticator, that may replace individual passwords. The hardware will communicate directly with the websites that you’re visiting, creating a distinct digital key for each digital lock. No access information is stored remotely, reducing hackers’ access to pools of passwords and the information that they protect. The hardware itself may rely on biometric access to prevent misuse if lost or stolen. FIDO’s authenticator is still under development but its business potential is evident. Employers could issue the hardware to employees, limiting potential human errors. Employees would not have to worry about changing passwords every 90 days, creating weak passwords, forgetting or sharing their credentials. Even if a device is a...
Averting Data Disaster...
Multifamily best practices
With an interest in marketing, job title based in IT, a strong grasp of social media and a passion for real-life residents, Bill Szczytko has earned a following as someone who can be counted on to deliver prescient insight about apartment management. His network of contacts in the industry is nationwide, and he effectively uses Twitter to gain a grasp of what fellow multifamily professionals are talking about this very minute. He’ll appear at the upcoming Apartment Internet Marketing conference next Monday and Tuesday in California, where he’ll talk about avoiding landmines while doing business online. He shared a sneak peek into what those landmines look like in a recent interview. What are the most worrisome threats that multifamily firms might face from hacking? Szczytko: The most worrisome threat we face is our own complacency. Hackers want one thing. Information. This information can be social security numbers, credit card numbers, and bank account information. Some try to obtain this information for the fun of it but most use this information to make money. There are many ways they try to get it. Viruses, phishing schemes, brunt force attacks, and hacking weak user account information. Most threats can be avoided just by being smart about how you surf the internet and the kinds of passwords you create. What best practices are necessary for a company seeking to protect itself in the online realm? Szczytko: It’s essential that you have several things in place. First, is a password policy that walks a good line between passwords people can remember and security. Second, is a form of antivirus running on the company machines. The best antivirus is always you but it’s hard to get people up to the same level in regards to what is dangerous online...