ISACA Praises Australia's Change Your Password' Day
Printer friendly
"We are particularly impressed with the national Change Your Password day, which aims to encourage all IT users to change their password to at least eight characters," said Jo Stewart-Rattray from ISACA's international Security Management Committee and President of the Adelaide Chapter of ISACA.
"The Change Your Password day - which is being publicised by Ministers and IT security companies across Australia - is a splendid illustration of what can happen when private and public sector organisations co-operate effectively," she said.
According to Stewart-Rattray, there are software packages available whose application uses video cards to significantly increase the speed of brute force password decryption routines, mean that passwords of fewer than eight characters are potentially vulnerable to this type of decoding.
As a result, she explained, the Australian initiative - which also encourages IT users to switch to a mixture of upper- and lower-case alphanumeric characters - is an excellent way of explaining to end users the need to boost security on e-banking and other online systems.
Crakers (Criminal Hackers), she said, are no longer the altruistic bunch of programmers seen in movies such as 'Sneakers,' the 1992 cracking movie starring Robert Redford.
Today's crakers are a professional bunch, often with organised criminal backing, whose day job is focused entirely on extracting revenue - usually unlawfully - from anyone or any company that fails to secure their IT systems properly.
"Good password management is essential to preventing crakers completing their aims. This is why we're pleased to lend our support to this Australian initiative and encourage similar moves elsewhere in the world' said Stewart-Rattray, 'COBIT Security Baseline which is free to download from www.isaca.org/cobitpubs, advises users to change passwords immediately upon receipt and then regularly in accordance with policy, ensure that the chosen password is difficult to guess and meets established best practices for length, complexity, unacceptable names, etc."
With more than 86,000 constituents in more than 160 countries, ISACA is a leading global provider of knowledge, certifications, community, advocacy and education on information systems assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) and Certified in the Governance of Enterprise IT (CGEIT) designations.
ISACA developed and continually updates the COBIT, Val IT and Risk IT frameworks, which help IT professionals and enterprise leaders fulfill their IT governance responsibilities and deliver value to the business.
Related links to this article:
ISACA
- Login or Register to comment
- Add to a social bookmarking site
Editor's Manifesto: Tony,meet Bill - don't mention the mainframe
"In an attempt to do the famous 'Charm Thing' with a certain Bill Gates, Tony Blair “got all [his] terminology mixed up”. Whichever Oxbridge-educated candidate ends up heading [fill in appropriate temporal adjective] Labour come the end of September, let's hope they'll be worrying less about the right nomenclature for enterprise computing platforms and more about policies that might get some more wealth-creating industry back in the country.”
Read more
The Dispatch Box: What the UK public sector could learn from Europe’s social media savvy
Neal Perry, Country Manager UK, Ireland & Middle East, at EPiServer talks about how some of the UK's European partners are implementing social media to strengthen citizen engagement.
"Across the World, governments created groups to explore the problems and the potential for strengthening citizen participation in local government. They then reunited the ‘champions of participation’ from countries in every continent to identify lessons and how sharing this experience might inform and shape policy and practice. Social media is one tool where organisations can embrace such initiatives and is an especially effective one when it comes to engaging the younger public." Read more
Innovation: A step too far in the austerity age?
Complete and enter our draw to win a free seat at the e-Government Awards. The public sector is already perceived to be lacking in innovation, but is that a fair assessment, and what role could it play in helping the government meet efficiency targets? What do people working on the frontline of ICT in public sector organisations think? Take part and share your views
David Mitchell Smith, research vice president & fellow at Gartner, discusses Cloud Computing.
Source: Gartner