Retina ScanOK, “souls” is alliterative, but a bit over the top.  How about instead “selling our bodies for security,” such as our retinas, our fingerprints, or our faces?  Multifactor authentication is indeed a useful security access control, the combination of two or more of (1) something you know, (2) something you have, and (3) something you are.  Thus, requiring both a password or PIN (something you know) and also a token or certificate (something you have) should be more secure than merely requiring a password.

The problem is that as biometric authentication becomes more widespread, our immutable characteristics are in play, in a when not if world of data breaches.  Getting hacked can cause harm and embarrassment, but if biometric authentication becomes widespread, the post-breach “loss of face” will be literal … and also permanent. Continue Reading Selling our souls for security

Hammer ponding computer keyboardPoor data. Though more essential to business than ever before,  data is simultaneously frustrating for its inaccessibility, intimidating in its volume and complexity, distrusted for its unreliability, maligned for its management costs, and feared for its litigation, privacy, and security risks.

But let’s not cast business data as the culprit. Data is basically inert.  It sits where we store it, goes where we send it, does what we (or some system programmer) tell it to do, and is as secure as the safeguards we provide.  Data is not the “actor” – good, bad, or indifferent.  We are.

If we’re honest with ourselves, we can see that most every problem we experience with business data has its root in what people do, or fail to do, as individuals, work teams, or organizations:

Continue Reading People don’t have data problems ….