Cyber Attack Impacts Another Large Business

Sally Beauty Supply is the latest company to have their systems breached because of a cyber attack. Confidential customer data, including credit card numbers, were stolen.
In early March, Sally Beauty representatives discovered that at least 25,000 credit card numbers were uncovered.
“Our customers remain our top priority,” Chairman, President and CEO Gary Winterhalter said in a press release.
Sally Beauty joins the list of retail organizations to be hacked within the past several months, joining Neiman Marcus and Target.
Start thinking proactively about your security and compliance before it’s too late; nobody is immune. Where are the gaps in your systems?
Find out today. Call Wendy Sanacore at TxMQ, 716-636-0070 (229) or email wendy@txmq.com
source: http://m.bizjournals.com/dallas/blog/morning_call/2014/03/sally-beauty-data-breach-is-bigger-than-earlier.html?r=full
(Photo: From screensaver by iProton.)

What's Worse Than Being Robbed?

What would you say is worse than being hacked? My answer is “not knowing” who hacked you. Without having any idea of From where, By whom or Why, some companies have trouble even determining what was stolen when today’s pirates only copy the information and leave it in place. I have coined these types of attacks as “in-place attacks!” These are hacks where the target does not even know anything is missing so no security measures are taken after the fact.
For example, someone takes your wallet out of your jacket at a party. They copy your credit card and address from your driver’s license. They then return everything back to your coat pocket without you knowing that it was ever missing. Your account could be wiped out without you even knowing you were robbed.
In the case of Target being hacked, authorities are now still trying to figure out who hacked the large retailer. A 17 year old? The Russian mob? They have figured out the how. They know the why. They almost know the location from which it was done. But there are still many questions that remain. Was that the only intrusion? Are there other access points? Are they safe now? The fact that the Target stock price has yet to regain its strength demonstrates that consumers are wondering the same thing.
As embarrassing as this incident is for Target, it gives businesses today a “heads up.” How secure is your online commerce site? Do you truly have a grasp on your vulnerabilities? When was the last time you had a 3rd party assessment done, end to end?  Have you securely closed all of your “windows and doors” in your infrastructure? How long would it take you to know that you were a victim of an in-place attack?
At TxMQ we have specific skills on governance, security and eCommerce that will allow you to build a new system or “harden” an existing one. We also offer assessment services where we can help you identify current gaps.
What do you think?
TxMQ: Learn more!

IBM discusses DB2 for z/OS security best practices

Security is a main issue for companies and there’s no such thing as too much of it. DB2 for z/OS just released version 10 and it’s one of the most exciting releases in 20 years.
Roger Larson, DB2 for z/OS Technical Evangelist at IBM states that for some situations your basic security is adequate. However, in other instances, you’ll need the absolute best security practices offered.
The tools IBM offer range from very tight system controls to fairly basic techniques applicable even with public information on the web. There are choices when it comes to security and understanding your options is very important.
IBM proposes that enterprises that want to succeed in such a challenging business climate focus on four key areas to ensure that their information infrastructure can support the business goals.
Those key areas include:
– Information availability
– Information security
– Information retention
– Information compliance
IBM information infrastructure will help businesses get the right information to the right people when they need it in a safe and secure manner.
DB2 for z/OS has a very solid reputation for world class security and world class business resiliency, and they have been building stronger encryption solutions on an ongoing basis.
Read more about IBM’s security techniques here.