A year after the Twitter-AP event, new security vulnerabilities and breaches (Heartbleed, Target, to name a few) continue to be in the weekly headlines. Organizations affected by those events have taken some measures to prevent them from happening again, and the largest financial services companies are investing heavily in cyber security. JPMorgan Chase, the nation’s largest financial institution, recently announced they are investing in additional layers of security, to the tune of $250 million annually and 1,000 people dedicated to the effort. Other organizations with high-value data and assets should follow that trend, and make a real assessment of their current solutions to see if they really help them combat cyber attacks and fraud in an effective way.
In light of Twitter’s recent decision to offer two-factor authentication, many have noted that phone-based authentication is impractical for enterprise twitter users, many of whom rely on multiple individuals to manage a single enterprise account. While a noble gesture, it is both impractical but also not as secure as many may think. So what should Twitter do? Why not look to a group of companies who have long had a need to authenticate their users before enabling transactions - banks. Read more