Skip to content

There’s No Excuse for Failing to Fix Simple Security Flaws

by on August 13, 2014

Protecting a business and its customers against cyber-attack and data loss is a multi-faceted, relentless task that requires careful consideration and robust systems and policies. Some elements of this are more complex than others but ultimately those challenges can, and must, be overcome.

What there is no excuse for, however, is a business knowing about, and failing to rectify, a simple, easily fixable flaw in its cyber-security as seen with PayPal this week. Having been alerted by an Australian hacker that a flaw existed in some aspects of its two-factor authentication system, making it possible for it to be by-passed, in June, the hacker went public with the flaw this week as it had still not been resolved.

A fundamental flaw, such as this, in how the authentication is handled, is easy to avoid and shouldn’t have been allowed to occur in the first place and what’s more it is simple to fix. Two-factor authentication, when properly executed, can add invaluable layers of security, providing the user chooses a strong password.

It is critical that any flaw, whether it be simple or complex, large or small, is addressed quickly and efficiently to provide businesses and their customers with maximum security at all times. In this instance it would appear PayPal has been lucky that it has not suffered a major breach as it works to fix the issue. However businesses can’t, and shouldn’t, rely on good fortune as a method of cyber-security.

From → pentura

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: