Full RSS Feed
Receive
the Free CMSWire NewsletterIf you were always worried about the plug-ins you use and the security threat they might pose, Google seems to agree and has just announced that it is going to limit certain plug-ins with its Chrome browser. Social Media also poses a security threat according to the Ponemon Institute.
Chrome To Block Old Plug-ins
Security news from Google and in particular Chrome. According to the Chrome blogspot, Google is to block insecure plug-ins from running on top of the Chrome browser to ensure that it cannot be exploited by malicious websites that have inserted bugs into the plug-ins.
The blog says that the only way to deal with the problem is to stop it from happening in the first place as once they get in, hackers can take just about everything including banking passwords as well as access to sensitive enterprise information.
Many advanced attacks involve finding undisclosed vulnerabilities in the browser. Despite being harder, there has been a lot of user damage due to exploitation of non-public bugs in browsers. With this in mind Google Chrome in future will:
- Refuse to run certain out-of-date plug-ins
- Disable individual plug-ins or to operate in a “domain whitelist” mode whereby only trusted domains are permitted to load plug-ins
- Warning before running infrequently used plug-ins
This follows earlier security measures including the introduction of auto update for Adobe Flash Player and an integrated PDF viewer plug-in running inside Google Chrome’s sandbox.
Social Media And Data Theft
And with theft in mind, the Ponemon Institute (news, site) has recently published new research that shows where social media users are leaving themselves and their enterprise vulnerable to data and personal information theft.
Although more than 80 percent of study respondents expressed concern about their security while using social media, more than half of these same individuals admitted they do not take any steps to actively protect themselves.
Other key findings from the survey include the following:
- 65% of users do not set high privacy or security settings in their social media sites.
- 90% of users do not review a given website’s privacy policy before engaging in use.
- 40% of all respondents share their physical home address through social media applications.
Even though most respondents expressed concern about online security and privacy, nearly 90 percent did not feel that identity theft is a likely risk from using social media sites. Accordingly, individuals continue to use social media despite acknowledged potential dangers. It also shows:
- 60% of users are not confident of their social media provider’s ability to protect their identity.
- 44% of individuals said if they discovered that a social media provider did not adequately protect their privacy or security, they would continue to use the site.
The question now is to what extent enterprise users, given that they are almost certainly amongst the surveyed population, are disregarding enterprise security safeguards and exposing the enterprise to data theft.
Modulo Upgrades GRC software
Meanwhile, GRC specialist Modulo has also upgraded its GRC products with the availability of its next generation IT Governance, Risk and Compliance Management (IT GRCM) solution.
Continue reading this article:
Email It
