How a business should tackle security issues

Kaspersky offers some advice on what a business should do if they identify a security risk
Author:
Publish date:
1-door_and_padlock_b_w_as_req__d_by_picture_frame.png

There has been a number of hacks over the last few months on companies such as Apple, Sony Entertainment, Playstation and most recently Moonpig.

Seeing these major brands fall victim to hackers highlighting the vulnerabilities in their security levels, must make other businesses nervous.

Kaspersky Lab’s David Emm has offered some advice for businesses on what to do if they discover a similar vulnerability.

Commenting on the Moonpig hack, he said: “As we understand it, the reported vulnerability has not so far been used to steal personal information of Moonpig customers. However, it seems that the vulnerability, if confirmed, would allow an attacker to access the account details of other customers.

“Moonpig is telling its customers that all password and payment information is secure but has made its mobile apps unavailable while it conducts further investigation.”

“It’s important that companies take information about a vulnerability in their products very seriously.” Emm continues: “After discovering a bug, researchers typically try to contact the company first and give them time to fix the issue before going public with their findings.

“If this vulnerability is confirmed, and it’s true that Moonpig has previously failed to take any action to protect their customers for almost a year and a half, this is alarming - especially for a provider of an online shopping application used to transmit highly sensitive data.

“Clearly there are two aspects to any online transaction. We all have a responsibility to secure ourselves by only using secure web sites, legitimate apps and using unique, complex passwords to ensure that if one account is compromised it doesn’t put all our online accounts in jeopardy.

“However, providers also have a responsibility to ensure secure communication between the customers and their own systems.”

Related