Thursday, 31 October 2013

Life In The Hacked Lane

If you do the Twitter thing, follow me at @hotpixUK
or LinkedIn here uk.linkedin.com/pub/tony-smith-bsc-hons-acih/a/979/351/

What a week it was. My favourite German Chancellors phone, an estimated 10 million Europeans and 2.9 customers of Adobe's Creative Cloud hacked. See http://blog.gsmarena.com/some-2-9-million-accounts-compromised-in-adobe-creative-cloud-hack/

Last month too, hackers got close to fleecing Santander using a £10 KVM switch attached to an office workstation. I bet you have the odd KVM switch lying idle in your server room, don't you?

So, in theory I might have been in that list somewhere. Due to inter-nation eavesdropping rules, my emails etc likely might have been hacked more likely by the French or Italians than GCHQ. I doubt they would have understood my housing IT rants. Still it demonstrates that hackers are live and well, applying maximum imagination and originality as ever.

It does all open up that debate about "How secure is cloud hosted data", when apparently the telcos may well be providing wire tapping at a data level? Is it all paranoia and conspiracy theory's?

More and more housing applications are being delivered in a cloud based form. ReAct is one we have used for years, without too much fuss, which holds address, contact, victim and perpetrator details, for instance. Payment solutions you use (including that Alliance & Leicester, now Santader one), may also hold debit, credit, payment card, sort codes and bank account details.

If your whole Rent Accounting module is cloud hosted, huge amounts of personal customer/resident data is potentially present. Maiden names, dates of birth, password confirmation questions etc. However secure that data in the hosting domain, could someone be listening to it being piped into your office?

While these places may hold partial data on your residents and their neighbours, with card strip codes not held, there's potential for some of the minimal data being enough to allow identity theft to occur by a telephone call and a reset. Identity theft complete. Identity thieves typically obtain and exploit personally identifiable information about individuals, or various credentials they use to authenticate themselves, in order to impersonate them.

Chatting to a friend a few weeks ago, who works at a chip design company, have recently invited a hacker in to try to crack security. With the aid of a spoof router, and a Pringles tin to enhance his wifi detection while parked across from the HQ on the street, he had located all the servers on the network in about 24 minutes and had a dozen back-doors into very valuable commercial designs using in Samsung & Apple devices. It just showed me how vulnerable we can be.

I hope your organisation has robust data protection and security policies. Also that they are continually reviewed and tested, particularly in the light of recent hacking prowess. Security and awareness of it does not start and end just with that RSA key generator device. One of the biggest risks might well be your own staff, or unauthorised visitors tail-gating in behind them. Be imaginative, as much as the hackers, if you can manage it!

Read on to: A new Windows 8 style housing management system coming soon, on a tablet near you 

You can link with me on LinkedIn here - uk.linkedin.com/pub/tony-smith-bsc-hons-acih/a/979/351/ It would be great to connect !

The Eagles - Life In The Hacked Lane .


(c) Tony Smith, Acutance Consulting www.acutanceconsulting.co.uk 07854-655009

PS As usual, if there are subjects you might like me to tackle on this blog, please get in touch and let me know!

File Under: 360,1stTouch,4Js. 07854-655009 , 07854655009 , 07854 655009 ," ""07854 655009"" ",07854-655009,#UKHousing,1st Touch,3squared, Acutence,Aareon,Academy,ActiveH,Alignment,ALMO,Anite,Apex,ArchHouse,Archouse,asbestos,Asprey e-state pro,Asset Management,Aurora,Average IT Costs,App,Associates,ACL,Abritas,AMS,AX,aspireview, BO,BPR,Browser Applications,Business Objects,Business Process Review,Business social networking, Blockwise, Block wise,BI,BancTec,BluTek,Bluebox, Castle,CBL,Cedar Open Accounts,Cx,Change,Cheaper Housing IT,Chics, CHR,Citrix,Civica,Clearview,CMS , CCS IT Keystone CCSIT, Contractor Systems,CORE,CorVu,Cost Reductions,Covalent,CRM,Crystal Reports,CTI,CTX,Customer Relationship Management,Cashflow, COA,Coactiva,Codeman,Comino,Competitive Dialogue process,complex IT procurements,Component Accounting,Consilium,Consolidation,Consultancy,Consultant,Contact Manager,Context,CIH,Chartered Institute Of Housing,Cadcorp,Cerrus Saturn,convergeOne,CACI,CPL Director, Deeplake,Development Systems,Document Management,Documotive,datasystems , Microsoft dynamics GP 2013 ECMK,EDRMS,England, English,EnterpriseBI,ERP Systems,ERP,Elmhurst,Estatecraft,EDM,ESRI,Exponential-e, Finance,Financial Systems,Financials, Factorwise,Facebook ,Fusion, Getting best from,gotonysmith, Grasp,Grip,GeoSolveIT,GIS,GGP, HouSys,Housing software,HG,Housemark survey,Housing Blueprint,Housing Group,hotpixuk, HousingIT,hotpix,Hardware,Hitex,Housing Contact Company, Impact Response,implementations,In House,In4,Infoflow,Information Technology,Informix,inHouse,in-house workforce, Innovation,Inside Housing,Internet Portal,Invu,Ireland,Irish,IT Budget,IT Training,iWorld, Innovation Group Apex,ITIL, In4Systems Promaster,IT,Insight, Keylogic,Keystone,Kirona,Kypera,Keyfax, Ledgers,Linkedin,Locality,Liquid Voice, MD ,Mr Void , MrVoid, Measuring Change,Mebus,Miracle,MISCS, mobile functionality,Monopoly board images and pictures, Montal,MS Dynamics,MS Dynamics CRM2011,Miracle Software,Management Reporting,MI,M3,MIS,MIS-AMS,Mobysoft, Northgate Codeman,Neighbourhoods and Communities, Northgate,Notice,NROSH,NINTEX , NINTEX workflow,Nintexworkflow, OA,OGC Buying Solutions,Ohms,OJEU Limits,OmFax,Omniledger,Open source software,open tender,OpenHousing tonysmith@hotpixuk ,,Opti-Time,Oracle,Orchard,Outsource and outsourcing,OpenContractor,ORS,OneServe, PIMMS Data Systems, Paloma,performance management systems,PfH,Pick,PIMMS,pimms4communities,Planned maintenance,People Value,Plus,Peoplevalue,PM,Progress,Promaster,Proval,Pyramid,PRINCE2,prince,Pamwin, QL,QLX,Quiss,Qlikview, Registered Providers,Registered Social Landlord,Rent Increase Freezes,Repairfinder,Reporting,Reports,ROCC , Rocket,RPs,RSL,Reality,ReAct,reidmark,RM865, Saffron,SAP,Scots, Scottish,Scotland,SDM,sector,Server Virtualisation,servicing, Servitor,Sharepoint,Simdel,Simdell,Slash and Burn,Social Media,Software,SQL Open Housing,SQL Reporting Services,SQL reporting services,SQL Server,Star rating,Stores and Stock,Strategic Asset Management,Sunguard ,Surveys,Sx3,System alignment, Systemwise,SM,Sequoa,Serros,SP,Scout,score,Swordfish,Serengeti,SOTI,south view,Sunguard,Service Charges, Template,Task,Terminal Services, tonys , tonysm , tonysmi , tonysmith, tonysmithth, tonysmiththa, tonysmiththat, tonysmiththath, tonysmiththatho, tonysmiththathou, tonysmiththathous, tonysmiththathousi, tonysmiththathousin, tonysmiththathousing, tonysmith@hotpixuk , tonysmiththathousingg, tonysmiththathousinguy, sharepoint, share point Three Star,Today,Total repairs,Tribal,Twitter,U2, tonysmith , tonysmiththat , thathousing , thathousingIT , thathousingITguy ,TED,Tagish Casework,TP Tracker,Telecetera,Tagra,Trace, UniClass Enterprise,Unidata,Universal Housing,Universalcredit, universal credit, universal credits,UC,Universe,Unrest, UK, United Kingdom ,Ukhousing,UK Housing, Van Stock,Voice and data,Vantage Sentinel,Version One,Visualmetrics,Voluntas, Wales,Welsh,Windows Server,Workflow and tasking,Wheatley, Xmbrace,XML ,XenApp,Xen App

No comments:

Post a comment