February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« Symantec Introduces Security as a Service | Main | Podcast: Systems Under Siege - Steps a CSO Should Take Today: A Talk With Mike Rothman »

April 20, 2007
Basic Rules to Defend Against Google Hacks

Some months ago I wrote a blog about the critical steps a company can take to prevent against some of the easiest of Google hacks, which usually entails a hacker searching for private and privileged information that has leaked out into the public sphere and within easy reach of Google.

First, it’s important to point out that Google is not to blame, as they are only providing access to what is already available. This is taken from SecuritySearch.com, and is based upon a presentation given by Tom Bowers, managing director of Security Constructs LLS based in Allentown, PA.

Hackers often unearth sensitive information using Google Earth, Google Patent Search, and Google Blog Search. Google can easily assists locating financial filings or security analyst reports that can serve up critical information. Also, Google Earth can reveal competitors plants, while Google Patent Search can easily pick up patents that might contain too-much information.

Daniel Pinto, from the company RAC Partners LLC, out of New Jersey, says the key is to make everyone aware that certain types of information are not to be publicized, whether at an industry conference or on the internet. Essentially, companies need clear policies on what information can be released both by its employees and its partners.

Because if someone unearths your companies sensitive information, most don’t even considered it hacking, as once it’s on Google, it’s considered publicly available data. That’s why a good security team must maintain a foolproof firewall. Also, all email coming and going should be both encrypted and filtered.

Finally, to make sure people are kept aware of the need to protect critical corporate information, anyone who lets information slip should lose their access rights.

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/1721

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map