Jonathan Radford our CFO is one of the least techy guys you could hope to meet. He is often also the source of ideas for this “technical” blog because technology now reaches absolutely everyone on this planet one way or another.
Today he came up for a chat about Internet 2 and Project Phoenix and left me with a newspaper clipping from the FT (I said he wasn’t a techy – anyone else would have sent me a link). The point is though that the technology related article interested him because he could understand its implications for him personally.
The article concerned internet pioneer Vint Cerf’s comments re the need to start again with internet security. The internet is an open network currently running on the basis of trust. Starting again Cerf says he “would have put a much stronger focus on authenticity or authentication” and quoted Ori Eisen’s Project Phoenix as an example of the way forward (see original FT article for more on this).
You only have to note the recent spate of Twitter spam attacks to understand why a rethink on network security is necessary. People’s Twitter accounts have been compromised and have been sending Direct Messages to their followers with the text “Bad blog going around about you, heard or seen it yet?” and a link to a website that will rip your own Twitter credentials.
You might think having your Twitter account compromised is more of an embarrassment rather than a big security issue but do you by any chance use your Twitter password for other online logins? You might be opening up the door to a Pandoras Box of information about yourself that could be very interesting to someone trying to steal from you.
None of the recent scams have caught me out but it must just be a question of time. One weak moment when I’m tired …
Note the subject of security was high on everyone’s agenda at last week’s IT Directors Forum. It mostly related to the issue of Consumerisation of IT and people bringing in their own devices for use in the office. The extent to which this was a problem depended on whether you were in a regulated industry or not but it was still a general concern.
It seems likely to me that were we to live in a properly authenticated internet world then CoIT and BYOD would be less of an issue as everyone would be using appropriate measures to secure their personal data. It is something we do need to sort because I am getting to the point where I often don’t click on a link just in case it is malicious, and that ain’t good.
PPS my 11 year old’s school homework over the weekend concerned online safety. Was a good opportunity for me to chat to him about it.