BANKERSONLINE.COM MAIN PAGE             Print Friendly Version!    Email This Article!    Discuss NOW!
October 31, 2008
Update covering October 24 - October 30, 2008

Welcome to Tech Talk! In this edition, Tech Talk Editors Andy Zavoina and John Burnett write about eBanking, smart phones, and more.

Our selections from this week's tech news:
  • a new eBanking security device
  • making security policies fit
  • smart phone security tips
  • stolen accounts uncovered
  • ID thefts for hacking
  • Android proven vulnerable
  • Sony burned by hot batteries
  • Social nets at work
  • TSA's enhanced security program
  • Microsoft's cloud computing plans
  • Goodies from Google
  • Goodbye to Firefox 2
  • Hello to Windows 7 Beta
  • Angry student nets jail and fine
  • Virtual crime, real world time
  • On the lighter side ...
Get the details below.

Securing Information Assets - What's Your Weakest Link?

November 20, 2008

Susan Orr

IT security has become more sophisticated as threats have become more complex. Security managers have focused on threats from outside the corporate network, web-based attacks, Trojans and malware. All that attention devoted to outside threats, however, may have compromised some basic internal controls. As shrinking profits or growing losses force staff reductions, it's more essential than ever to get back to some of the basics of old-fashioned security to make sure that it's only employees walking out the door.

New eBanking security in your hands
IBM is announcing a new security device to make eBanking safer for your customers. Dubbed a "Zone Trusted Information Channel," it is a handheld device that connects to a PC. Softpedia has the story, and YouTube has a video demo.

When IT policies aren't workable
Cisco commissioned a study of 2,000 employees and IT professionals in ten countries, including the U.S. A recent article discusses situations in which employees have violated IT security policies because they didn't believe they would work in the real world. If the policies you have tie the hands of your staff, you have to decide whether it's more important to get work done or to have policies complied with. What can you do? Read the Networkworld article.

Get IT smart about smart phones
Eric Ogren writes in his blog that IT needs to be proactive with smart phones and think of them not as cell phones, but as personal handheld computers. Why, and what you need to consider about security are in this Computerworld blog.

Half million accounts grabbed by gang
RSA's FraudAction Research Lab announced Friday that it had uncovered a trove of more than a half million compromised bank, credit and debit card accounts stolen in the last two-and-a-half years by a single group of criminals. Although the whereabouts of the gang members is unknown, they all appear to have used variants of the same "family" of spyware collectively known as the "Sinowal" Trojan. Brian Krebs has more on this discovery in his Security Fix blog.

Good email gone bad
You have spam filters at your ISP, on your own mail servers and in email programs like Outlook. They can do a very good job of saving you time and reducing risks associated with spam and the illicit payloads some of these messages can carry. But hackers have gone to the next level as they commit identity theft on legitimate email senders and register many new "valid" addresses under the stolen names, all to send you malware. Read more on this threat at PCWorld.

GLBA Risk Assessment Help
Need help with your GLBA Risk Assessment? CoNetrix has developed an online tool that includes a questionnaire and multi-step process to assist you in identifying likelihood, potential damage, and risk level; assigning controls; and defining a compliance plan. To learn more, visit or call us at 1-800-356-6568.

Google Android OS hacked already
Released just over a week ago, the Android operating system from Google has already been hacked. Charlie Miller of Independent Security Evaluators in Baltimore and two other individuals were able to break into the new OS and redirect the web browser. They have notified Google in hopes that a patch will be issued. For more, see the story in VentureBeat.

Recalling Sony batteries
Sony announced the recall of 100,000 PC battery packs, including 35,000 sold in the U.S., due to potential fire hazards. The latest action follows last month's recall of 438,000 Sony Vaio laptops due to battery problems. Reuters has more on this story.

Social networking with a business use
Social networking isn't restricted to the kids in school. Networking and peer-to-peer file sharing sites are increasingly being used for business purposes. Your job under IT is to ensure that if social networking sites are used in your bank, they are used responsibly. For information on use and security, read this Networkworld article.

Happy birthday from the TSA
The Transportation Security Administration (TSA) has finalized its Secure Flight program. Beginning in 2009, your airline reservations will include your full name, date of birth and sex. The intent is to speed up the comparison of passenger lists and the government's terrorist and "no-fly" lists. Read more on this story in Computerworld.

Microsoft goes to cloud computing with Windows Azure
Microsoft is announcing Windows Azure which will facilitate users' accessibility to web-based applications without a need for server farms owned or operated by the user or the user's business enterprise. Azure can assist users who need access to applications and data from the office, home, a laptop or even a smart phone. Read more in this AP story.

Jargon Watch: Cloud Computing
The internet is the "cloud," hosting applications that are accessible to authorized users. Cloud computing provides the same applications to all users, without the need of specific infrastructure, expertise, knowledge or control requirements on the business enterprise. The information is stored on servers and not on individual computers, requiring less computer power and a more robust backup process managed at the server level.

Gmail gadgets and goodies
Gmail users will see more treats than tricks with the new goodies Google is offering. Without leaving Gmail, users can view other Google apps such as Docs and their Calendar. This should help make the most of restricted screen real estate. Read more on these changes in The New York Times.

On the lighter side ...

The digital TV conversion is coming. Lucky for us it is simple. Well, maybe not so simple for everyone. (This makes you think hard about how simple eBanking can be too.) Flixxy has this week's video.

Firefox 2.0 RIP
If you are a Firefox 2.0 user who just hasn't wanted to update to the 3.0 version, it will soon be time. Mozilla will retire Firefox 2.0 in December and plans limited updates until then. Techworld has the details.

Windows 7
Whether or not they ever made the switch to Vista, many Windows users are ready to hear that "Vista has left the building." Buzz is building (along with user's hopes) as Windows 7, the new Microsoft operating system in development, is being shown in its beta form. Many Vista problems are being resolved, but are all the complaints being addressed? A CIO article has more on this story.

DDOS retribution leads to jail
University of Pennsylvania student Ryan Goldstein was miffed when he was banned from an Internet Relay Chat group. He decided to use university servers to launch a distributed denial-of-service (DDOS) attack against the IRCs, but his attempts crashed one of the servers. His sentence could have been worse: he earned himself 90 days in jail, 90 days in a halfway house, 180 days of house arrest, a $30,000 fine and a $6,100 restitution to the university. Perhaps an anger management course should be in his plans. For more on the Goldstein story, read Computerworld.

News of the wired weird
A woman in Japan was participating in an online role-playing game. Her virtual husband suddenly divorced her. She "murdered" his avatar and is now facing up to five years in jail or up to a $5,000 fine in the real world. Why? You have to read the MSNBC story for that.

Fall Back -- In Time
November 2nd is the date to set your clocks back an hour, with the end of Daylight Saving Time. Don't forget desktops, laptops, PDAs, cell phones, cameras, security VCRs and just about any other clock that wasn't in sync with the last time change. Adjust your vault timers, and enjoy the extra hour's sleep Sunday morning.

Subscribe to Tech Talk and BOL Tech Advisories

In the Banker Store

CD ROM Training
Implementing the Red Flag Guidelines
FACTA: Responding to Identity Theft (Video)
Video Training
FACTA: Responding to Identity Theft
CD ROM Training
e-Disclosures, ESIGN, UETA and Regulatory Changes
Archived Articles on Technology and eBanking
You have access to archived Tech Talk pages and Tech Alerts on BankersOnline's Technology & eBanking Archive page.
Plus, you'll find the latest technology and eBanking articles and guru Q&As there, too. You'll find many more related articles in our InfoVault.