Can security's human side stop data breaches?
Shira Rubinoff was a practicing psychologist in 2004. When it came to technology, her experience was simply as a tech user, certainly not a tech guru. Then one day she was phished.
"After it happened, I was like: "There's got to be a better solution out there. Because once you put security in people's hands, so much can happen."
Rubinoff decided to take her background in human behavior and turn it into a security software firm that taps into how the mind works in order to prevent phishing attacks. Her New Jersey-based company, Green Armor, provides a product that uses a visual cue on the Web log-in page that is unique to each user of the site. The cue is generated using a mathematical formula based on the user id. It uses a colored box and a short word, a method she developed after extensive research and experimentation about how users memorize and retain information.
The idea, according to Rubinoff, is that users will know if something is amiss much easier than with the usual authentication techniques currently used by many online banking and other secure sites.
"This approach deals specifically with the humanistic factors of technology," said Rubinoff, who was recently named a "Women of Influence" award winner at the Executive Women's Forum because of her work on the software. "I think other technology out there look for technology problems. They forget there is a person sitting behind the computer that is very easily manipulated."
Human behavior is increasingly becoming a hot area of focus in security. In fact, a new study from networking giant Cisco says risky behavior tops the list of reasons for security breach. The study, which surveyed 1,000 employees and 1,000 IT professionals from various industries and company sizes in 10 countries, was conducted to examine security and data leakage at a time when employee lifestyles and work environments are changing dramatically.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
data breach
Powered by TwitterOn Twitter now
data breach
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
