Shira Rubinoff was a practicing psychologist in 2004. When it came to technology, her experience was simply as a tech user, certainly not a tech guru. Then one day she was phished.
"After it happened, I was like: "There's got to be a better solution out there. Because once you put security in people's hands, so much can happen."
Rubinoff decided to take her background in human behavior and turn it into a security software firm that taps into how the mind works in order to prevent phishing attacks. Her US-based company, Green Armor, provides a product that uses a visual cue on the Web log-in page that is unique to each user of the site. The cue is generated using a mathematical formula based on the user id. It uses a colored box and a short word, a method she developed after extensive research and experimentation about how users memorize and retain information.
The idea, according to Rubinoff, is that users will know if something is amiss much easier than with the usual authentication techniques currently used by many online banking and other secure sites.
"This approach deals specifically with the humanistic factors of technology," said Rubinoff, who was recently named a "Women of Influence" award winner at the Executive Women's Forum because of her work on the software. "I think other technology out there look for technology problems. They forget there is a person sitting behind the computer that is very easily manipulated."
Human behavior is increasingly becoming a hot area of focus in security. In fact, a new study from networking giant Cisco says risky behavior tops the list of reasons for security breach. The study, which surveyed 1,000 employees and 1,000 IT professionals from various industries and company sizes in 10 countries, was conducted to examine security and data leakage at a time when employee lifestyles and work environments are changing dramatically.
"We conducted this research in order to understand behavior, not technology per se," said John N. Stewart, chief security officer of Cisco. "Security is ultimately rooted in users behavior, so businesses of all sizes and employees in all professions need to understand how behavior affects the risk and reality of data loss - and what that ultimately means for both the individual and enterprise."
The research found one in five surveyed admit to altering security settings on computers. Additionally, one of four employees admitted verbally sharing sensitive information to non-employees. And a whopping seven in ten surveyed said they regularly use unauthorized applications at work.
Similar findings from consulting firm Deloitte earlier this year back up the Cisco research. A Deloitte survey of more than 100 companies found 75 percent cited human error as the leading cause of security failures.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Radicati Market Quadrant 2008 on Corporate Web Security
Dude! You Say I Need an Application-Layer Firewall?!
Achieving the impossible: Unlimited application scalability
Simplify, Integrate and Secure: Providing Secure Access to Server-based Information and Resources Across Platforms
Delivering the Power of Choice with Microsoft Dynamics CRM
Simplify and Secure: Managing User Identities Throughout their Lifecycles
Discover the advantages of an open architecture multi-vendor network solution
Simplify, Integrate and Safeguard Your Business with Secure Web Business Enablement
Zones provide focussed content from Computerworld and leading technology partners.
Security Management
Protect your critical IT assets, achieve sustainable regulatory compliance, reduce IT administration costs and enable new business opportunities with our IT security solutions.
IT Security as a business enabler?
Download Whitepaper
|
Success Stories
Australian Unity minimises costs and maximises productivity with single sign-on for 1,400 users
Australian Unity needed to address its business and security risks including user management and application security management. The company chose an enterprise single sign-on (ESSO) solution and discovered increased employee productivity, reduced help desk costs and elevated data protection.
Download the full Success Story
BT saves more than £15 million and improves customer services with comprehensive Identity & Access Management
To enable future growth and ensure its services remain competitive, BT needed to build closer relationships with its customers and suppliers. Discover how the company is now performing over 36 million transactions a day with their improved Identity & Access Management Solution.
Download the full Success Story
Identity & Access Management
Simplify and Secure: Managing User Identities Throughout their Lifecycles
Organisations are constantly challenged to keep pace with ongoing changes to users and their roles, responsibilities and requirements. Discover how CA can help you create a unified approach for managing users identities, providing them with timely and appropriate access to applications and information.
Download Whitepaper
Simplify, Integrate and Safeguard Your Business with Secure Web Business Enablement
Modern organisations are required to aggressively expand the number and type of Web applications and services provided to customers, partners and employees. Discover how to automate, delegate and centralise your key processes and services including user administration, access policies, auditing and compliance by reading on.
Download Whitepaper
Simplify, Integrate and Secure: Providing Secure Access to Server-based Information and Resources Across Platforms
Distributed servers are a powerful asset in any company’s infrastructure. Over time, most organisations have acquired a variety of different platforms and are relying on them to house an increased amount of critical applications, processes and data. Read on to discover how you can achieve a consistently higher level of server access security across multiple platforms including virtual hosts and guest operating systems.
Download Whitepaper
Buying Guides
Latest Products
Buying Guides
