Learn the smart way of securing file transfers and system administration

 

Plaintext Telnet and FTP connections constitute a serious risk to the integrity of enterprise networks. Due to the challenging new legislations, stricter auditor requirements, and more sophisticated network attacks, security is no longer an option – it is a must.

Join us on with our SSH Webinar about “Securing File Transfers” and we will introduce how easily and cost-effectively you can implemement secure file transfers in your heterogenious network.

In this Webinar you will learn about:

•  Different file transfer techniques used by enterprise IT today
•  The key challenges and requirements related to security of automated file transfers
• Key benefits f SH tectia as your chose for secure file transfer solution

You will also be introduced to the latest number of the SSH Tectia solution, the new SSH Tectia ConnectSecure for enhanced file transfer capabilities for all SSH environments including OpenSSH. 

Date:   Thursday, 18th September 2008

Time:   4 PM Singapore

4 PM Malaysia

3 PM Thailand 

3 PM Indonesia

4 PM Philippines

 

*(Please check your time zone for the correct starting time in your region)

 

 

Register today for this informative seminar!

‘I’ll be back’: Vetoed data breach bill goes to Schwarzenegger again

Supporters optimistic that California governor won’t say ‘hasta la vista’ to amended bill

An amended version of a closely watched data breach bill that was vetoed by California Gov. Arnold Schwarzenegger last October is once again headed to his desk for approval.

The bill — known as the Consumer Data Protection Act, or AB 1656 (download PDF) — basically would require retailers that accept payment card transactions to take specific precautions for protecting cardholder data and disclose more details about data breaches to consumers affected by them. But an earlier provision that would have required retailers to reimburse financial institutions for the costs involved in replacing credit and debit cards compromised in breaches has been dropped.

The amended bill was approved by the California State Assembly by a 74-1 margin on Saturday, after passing muster in the state Senate by a 34-3 margin last Wednesday.

The California Credit Union League (CCUL), a trade association that is a key sponsor of the bill, welcomed its passage by the legislature. In a statement, Bill Cheney, the CCUL’s president and CEO, expressed his hope that Schwarzenegger would “acknowledge the solid vote of approval” from California’s lawmakers and quickly sign the measure. Cheney added that AB 1656 would help strengthen consumer confidence in payment card security while enforcing increased transparency at retailers that are hit by breaches.

Melissa Ameluxen, a lobbyist for the Rancho Cucamonga-based CCUL, said in an interview today that the removal of the clause requiring retailers to foot the bill for card replacements should go a long way toward countering opposition to the bill. “The governor’s office gave us an indication that removing that part of the bill would help us move closer” to getting it signed into law, she said.

In addition to that change, two smaller modifications have been made to the original bill that Schwarzenegger vetoed. One allows retailers to retain certain kinds of data needed to process recurring payments. The other removes a previous requirement that retailers specify the exact date on which a breach was thought to have occurred. Instead, the bill now mandates that they provide only a range of dates during which a breach might have taken place, Ameluxen said.

Analysts and the retail community have been closely following the progress of the bill, which is one of the first of its kind in the country and would put some strict new requirements on businesses. For instance, AB 1656 would prohibit retailers and other organizations that handle payment card transactions from storing certain types of cardholder data even if the information is encrypted. Prohibited data types include the full contents of the magnetic stripes on the back of cards, as well as PINs and both card and payment verification codes.

Companies also would be required to set formal data retention and disposal policies for limiting the amount of cardholder data they retain and the length of time is stored. And all credit and debit card data transmitted over public networks would need to be encrypted or otherwise rendered indecipherable.

On the notification side, businesses that suffer breaches would have to inform card-issuing banks about the kind of data that was compromised and provide a toll-free phone number or some other type of contact for answering breach-related questions from consumers.

The security controls built into AB 1656 are similar to some of the requirements that retailers are mandated to implement under the Payment Card Industry Data Security Standard, which was developed by the major credit card companies and is informally referred to as PCI.

Source: Computer World

Bank of New York loses 12.5 million customer details

The Bank of New York Mellon (BNY Mellon) has admitted that the number of its customers hit by a data breach was much larger than previously stated.

The bank informed customers in May that 4.5 million customer account details, including names, addresses, dates of birth and Social Security numbers, had been compromised after two sets of tape backups went missing from a third-party courier.

However, it has now increased that figure to 12.5 million, possibly making this the biggest data breach of the year.

“It is simply outrageous that this mountain of information was not better protected, and it is equally outrageous that we are hearing about a possible six million additional individuals and businesses six months later,” said the Connecticut governor Jodi Rell.

“We fear a substantial number Connecticut residents are among this latest group. Had the hundreds of thousands of Connecticut residents affected been notified immediately that their data had been compromised, they could have taken steps to protect themselves.”

She added that she was considering levying financial penalties over the breach and instructing it to make financial restitution to customers. Her consumer protection commissioner Jerry Farrell Jr is investigating the case.

“Nothing in the data we were given in May and June by BNY Mellon indicated in any way that these additional six million individuals and businesses were involved,” said Farrell.

“This certainly raises serious additional questions about how secure personal identifying data is at BNY Mellon and widens the scope of our investigation.”

Bank of New York Mellon is the world’s largest custodial bank and one of the 10 largest asset managers. It is notifying customers about the breach, but says there is no evidence that the data has been abused.

The bank has set up a web page to keep people informed and is offering two years of free credit monitoring, US$25,000 worth of identity theft insurance, reimbursement for the cost of one placement and one removal of a credit freeze for each of the three national credit reporting bureaus to customers affected.

Source: VNUNET