{"id":6161,"date":"2022-02-28T22:04:16","date_gmt":"2022-02-28T22:04:16","guid":{"rendered":"https:\/\/webstyleclub.website\/smart-card\/?p=6161"},"modified":"2022-09-15T01:12:54","modified_gmt":"2022-09-15T01:12:54","slug":"threats-to-cards-and-data-security","status":"publish","type":"post","link":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/","title":{"rendered":"Threats to Cards and Data Security"},"content":{"rendered":"
Effective security system planning takes into account the need for authorized users to access data reasonably easily, while considering the many threats that this access presents to the integrity and safety of the information. There are basic steps to follow to secure all smart card systems, regardless of type or size.<\/p>\n
When analyzing the threats to your data an organization should look closely at two specific areas: Internal attacks and external attacks. The first and most common compromise of data comes from disgruntled employees. Knowing this, a good system manager separates all back-up data and back-up systems into a separately partitioned and secured space. The introduction of viruses and the attempted formatting of network drives is a typical internal attack behavior. By deploying employee cards that log an employee into the system and record the time, date and machine that the employee is on, a company automatically discourages these type of attacks.<\/p>\n
<\/a><\/p>\n External attacks are typically aimed at the weakest link in a company’s security armor. The first place an external hacker looks at is where they can intercept the transmission of your data. In a smart card-enhanced system this starts with the card.<\/p>\n <\/a><\/p>\n The following sets of questions are relevant to your analysis. Is the data on the card transmitted in the clear or is it encrypted? If the transmission is sniffed, is each session secured with a different key? Does the data move from the card reader<\/a> to the PC in the clear? Does the PC or client transmit the data in the clear? If the packet is sniffed, is each session secured with a different key? Does the operating system have a back door? Is there a mechanism to upload and down load functioning code? How secure is this system? Does the OS provider have a good security track record? Does the card manufacturer have precautions in place to secure your data? Do they understand the liabilities? Can they provide other security measures that can be implemented on the card and or module? When the card is subjected to Differential Power attacks and Differential Thermal attacks does the OS reveal any secrets? Will the semiconductor utilized meet this scrutiny? Do your suppliers understand these questions?<\/p>\n Other types of problems that can be a threat to your assets include:<\/p>\n Effective security system planning takes into account the need for authorized users to access data reasonably easily, while considering the many threats that this access presents to the integrity and safety of the information. There are basic steps to follow to secure all smart card systems, regardless of type or size. Analysis: Types of data […]<\/p>\n","protected":false},"author":1,"featured_media":5649,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[175],"tags":[],"yoast_head":"\n\n