skip to main content

BizConnect online banking is about to get even better!

Here's great news! We are launching a new business online banking experience that will make managing your business finances easier than ever.

What's New...

BizConnect will now be known as Business Online Banking. A fresh, new look and seamless functionality will make Business Online Banking simple to use with convenient access to your most commonly used services.

Learn More Today   Continue to Login

NLNB Blog

Can a Stalker Story Help Cybersecurity at Your Company?

<a href="https://cyberscout.com/education/blog/can-a-stalker-story-help-cybersecurity-at-your-company">Can a Stalker Story Help Cybersecurity at Your Company?</a>

Florida police officer Leonel Marines resigned after a police investigation resulted in allegations that the 12-year veteran of the Bradenton Police Department had been using police data bases like a dating app to locate potential women for fun and maybe more.

Protect and Serve, meet self-service.

If you think something like this should be impossible, consider how police work: Their lives are on the line, and they need to know who they’re dealing with. There is no time to ask permission to access data that could drastically affect the outcome of a dangerous situation in real time. The presumption is that law enforcement officers will not abuse their access to data, any more than they might the power of a gun and a badge.

Marines was that unhoped-for aberration. According to reports, he looked up 150 women, and, connecting names to social media accounts, used phone numbers on file to contact “potential dates,” and ask them out. Perhaps even more shocking is the fact that the scheme worked—Marines actually got some dates—that is, until it failed spectacularly (if the charges stick).

You can read the details here, because I’m telling the story as a pivot to something cyber-related. While police officers need access to sensitive data, not everyone does. This basic truth is a foundational truth in cybersecurity protocols.

The story does suggest that even among police, there can be and should be a review—whether automated or random—of information accessed by a police officer. For instance, the alleged “data set as dating app” stalker cop would have set off alarms, because he checked the files of mainly women, and specifically Latina women. It would be easy enough to create some rules so that kind of search behavior set off an alarm. It would only require that cyber was baked into the search system used.

Baking in Security from the Start

Increasingly cybersecurity is baked in, and this is where the main cybersecurity lesson here can be found. Most organizations don’t handle the kind of life and death situations associated with law enforcement where not knowing about a person could result in instant death. As a result, it is possible and preferable to have a credential system where users have access to only information that their credentials will allow, saving the most sensitive access to the most trusted people in an organization.

Cybersecurity is all about thinking what-if (a rogue, randy cop wants to swipe right and left on a driver license data base) and what can be done to make that behavior trip an alarm?

What if everything at your organization isn’t secure? It’s the first question in a long series that if answered meticulously will make you harder to hit, and less vulnerable to unforeseen ways shoddy data protection can lead to unwanted attention.

Link to original article

Local People. Local Decisions. Local Ownership.
NebraskaLand National Bank is committed to website compliance with the Americans with Disabilities Act.
We strive to make our site useful and accessible to everyone. If you have questions or comments regarding the website please contact us.
copyright © 2004-2019 NebraskaLand National Bank. All rights reserved. / sitemap / Admin Login
top
^