{"id":6161,"date":"2022-02-28T22:04:16","date_gmt":"2022-02-28T22:04:16","guid":{"rendered":"https:\/\/webstyleclub.website\/smart-card\/?p=6161"},"modified":"2022-09-15T01:12:54","modified_gmt":"2022-09-15T01:12:54","slug":"threats-to-cards-and-data-security","status":"publish","type":"post","link":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/","title":{"rendered":"Threats to Cards and Data Security"},"content":{"rendered":"<p>Effective security system planning takes into account the need for authorized users to access data reasonably easily, while considering the many threats that this access presents to the integrity and safety of the information. There are basic steps to follow to secure all smart card systems, regardless of type or size.<\/p>\n<ul>\n<li>Analysis: Types of data to secure; users, points of contact, transmission. Relative risk\/impact of data loss<\/li>\n<li>Deployment of your proposed system<\/li>\n<li>Road Test: Attempt to hack your system; learn about weak spots, etc.<\/li>\n<li>Synthesis: Incorporate road test data, re-deploy<\/li>\n<li>Auditing: Periodic security monitoring, checks of system, fine-tuning<\/li>\n<\/ul>\n<p>When analyzing the threats to your data an organization should look closely at two specific areas: Internal attacks and external attacks. The first and most common compromise of data comes from disgruntled employees. Knowing this, a good system manager separates all back-up data and back-up systems into a separately partitioned and secured space. The introduction of viruses and the attempted formatting of network drives is a typical internal attack behavior. By deploying employee cards that log an employee into the system and record the time, date and machine that the employee is on, a company automatically discourages these type of attacks.<\/p>\n<p><a href=\"https:\/\/www.smartcardbasics.com\/smart_card_images\/threats_lrg.gif\" target=\"_blank\" rel=\"noopener\"><img title=\"\" src=\"https:\/\/www.smartcardbasics.com\/smart_card_images\/threats_sm.gif\" alt=\"\"\/><\/a><\/p>\n<div>(Click image for larger version.)<\/div>\n<p>External attacks are typically aimed at the weakest link in a company&rsquo;s security armor. The first place an external hacker looks at is where they can intercept the transmission of your data. In a smart card-enhanced system this starts with the card.<\/p>\n<p><a href=\"https:\/\/www.smartcardbasics.com\/smart_card_images\/panel8_lrg.gif\" target=\"_blank\" rel=\"noopener\"><img title=\"\" src=\"https:\/\/www.smartcardbasics.com\/smart_card_images\/panel8_sm.gif\" alt=\"\"\/><\/a><\/p>\n<div>(Click image for larger version.)<\/div>\n<p>The following sets of questions are relevant to your analysis. Is the data on the card transmitted in the clear or is it encrypted? If the transmission is sniffed, is each session secured with a different key? Does the data move from the&nbsp;<a href=\"http:\/\/www.cardlogix.com\/products\/readers\/\" target=\"_blank\" rel=\"noopener\">card reader<\/a>&nbsp;to the PC in the clear? Does the PC or client transmit the data in the clear? If the packet is sniffed, is each session secured with a different key? Does the operating system have a back door? Is there a mechanism to upload and down load functioning code? How secure is this system? Does the OS provider have a good security track record? Does the card manufacturer have precautions in place to secure your data? Do they understand the liabilities? Can they provide other security measures that can be implemented on the card and or module? When the card is subjected to Differential Power attacks and Differential Thermal attacks does the OS reveal any secrets? Will the semiconductor utilized meet this scrutiny? Do your suppliers understand these questions?<\/p>\n<p>Other types of problems that can be a threat to your assets include:<\/p>\n<ul>\n<li>Improperly secured passwords (writing them down, sharing)<\/li>\n<li>Assigned PINs and the replacement mechanisms<\/li>\n<li>Delegated Authentication Services<\/li>\n<li>Poor data segmentation<\/li>\n<li>Physical Security (the physical removal or destruction of your computing hardware)<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Effective security system planning takes into account the need for authorized users to access data reasonably easily, while considering the many threats that this access presents to the integrity and safety of the information. There are basic steps to follow to secure all smart card systems, regardless of type or size. Analysis: Types of data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":5649,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[175],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.6.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Threats to Cards and Data Security | Smart Card Basics<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Threats to Cards and Data Security | Smart Card Basics\" \/>\n<meta property=\"og:description\" content=\"Effective security system planning takes into account the need for authorized users to access data reasonably easily, while considering the many threats that this access presents to the integrity and safety of the information. There are basic steps to follow to secure all smart card systems, regardless of type or size. Analysis: Types of data [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Smart Card Basics\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-28T22:04:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-15T01:12:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2020\/09\/05.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"484\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/www.smartcardbasics.com\/#\/schema\/person\/90e2b1dea159c8d218e6bbbb0193fdb8\"},\"headline\":\"Threats to Cards and Data Security\",\"datePublished\":\"2022-02-28T22:04:16+00:00\",\"dateModified\":\"2022-09-15T01:12:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/\"},\"wordCount\":475,\"publisher\":{\"@id\":\"https:\/\/www.smartcardbasics.com\/#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/\",\"url\":\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/\",\"name\":\"Threats to Cards and Data Security | Smart Card Basics\",\"isPartOf\":{\"@id\":\"https:\/\/www.smartcardbasics.com\/#website\"},\"datePublished\":\"2022-02-28T22:04:16+00:00\",\"dateModified\":\"2022-09-15T01:12:54+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.smartcardbasics.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Threats to Cards and Data Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.smartcardbasics.com\/#website\",\"url\":\"https:\/\/www.smartcardbasics.com\/\",\"name\":\"Smart Card Basics\",\"description\":\"Trusted Smart Card Solutions\",\"publisher\":{\"@id\":\"https:\/\/www.smartcardbasics.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.smartcardbasics.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.smartcardbasics.com\/#organization\",\"name\":\"Smart Card Basics\",\"url\":\"https:\/\/www.smartcardbasics.com\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.smartcardbasics.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2022\/01\/logo.png\",\"contentUrl\":\"https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2022\/01\/logo.png\",\"width\":570,\"height\":165,\"caption\":\"Smart Card Basics\"},\"image\":{\"@id\":\"https:\/\/www.smartcardbasics.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.smartcardbasics.com\/#\/schema\/person\/90e2b1dea159c8d218e6bbbb0193fdb8\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.smartcardbasics.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ff5fae9e1e909e199b69e6195b182cde?s=80&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ff5fae9e1e909e199b69e6195b182cde?s=80&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/webstyleclub.website\/smart-card\"],\"url\":\"https:\/\/www.smartcardbasics.com\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Threats to Cards and Data Security | Smart Card Basics","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/","og_locale":"en_US","og_type":"article","og_title":"Threats to Cards and Data Security | Smart Card Basics","og_description":"Effective security system planning takes into account the need for authorized users to access data reasonably easily, while considering the many threats that this access presents to the integrity and safety of the information. There are basic steps to follow to secure all smart card systems, regardless of type or size. Analysis: Types of data [&hellip;]","og_url":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/","og_site_name":"Smart Card Basics","article_published_time":"2022-02-28T22:04:16+00:00","article_modified_time":"2022-09-15T01:12:54+00:00","og_image":[{"width":800,"height":484,"url":"https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2020\/09\/05.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/#article","isPartOf":{"@id":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/"},"author":{"name":"admin","@id":"https:\/\/www.smartcardbasics.com\/#\/schema\/person\/90e2b1dea159c8d218e6bbbb0193fdb8"},"headline":"Threats to Cards and Data Security","datePublished":"2022-02-28T22:04:16+00:00","dateModified":"2022-09-15T01:12:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/"},"wordCount":475,"publisher":{"@id":"https:\/\/www.smartcardbasics.com\/#organization"},"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/","url":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/","name":"Threats to Cards and Data Security | Smart Card Basics","isPartOf":{"@id":"https:\/\/www.smartcardbasics.com\/#website"},"datePublished":"2022-02-28T22:04:16+00:00","dateModified":"2022-09-15T01:12:54+00:00","breadcrumb":{"@id":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.smartcardbasics.com\/threats-to-cards-and-data-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.smartcardbasics.com\/"},{"@type":"ListItem","position":2,"name":"Threats to Cards and Data Security"}]},{"@type":"WebSite","@id":"https:\/\/www.smartcardbasics.com\/#website","url":"https:\/\/www.smartcardbasics.com\/","name":"Smart Card Basics","description":"Trusted Smart Card Solutions","publisher":{"@id":"https:\/\/www.smartcardbasics.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.smartcardbasics.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.smartcardbasics.com\/#organization","name":"Smart Card Basics","url":"https:\/\/www.smartcardbasics.com\/","sameAs":[],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.smartcardbasics.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2022\/01\/logo.png","contentUrl":"https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2022\/01\/logo.png","width":570,"height":165,"caption":"Smart Card Basics"},"image":{"@id":"https:\/\/www.smartcardbasics.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.smartcardbasics.com\/#\/schema\/person\/90e2b1dea159c8d218e6bbbb0193fdb8","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.smartcardbasics.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ff5fae9e1e909e199b69e6195b182cde?s=80&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ff5fae9e1e909e199b69e6195b182cde?s=80&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/webstyleclub.website\/smart-card"],"url":"https:\/\/www.smartcardbasics.com\/author\/admin\/"}]}},"jetpack_featured_media_url":"https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2020\/09\/05.jpg","featured_image_src":{"full":["https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2020\/09\/05.jpg",800,484,false],"landsacpe":["https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2020\/09\/05.jpg",800,484,false],"list":["https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2020\/09\/05.jpg",800,484,false],"grid":["https:\/\/www.smartcardbasics.com\/wp-content\/uploads\/2020\/09\/05-300x182.jpg",300,182,true]},"author_name":"admin","category_names":["Security"],"comment_count":"0","_links":{"self":[{"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/posts\/6161"}],"collection":[{"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/comments?post=6161"}],"version-history":[{"count":1,"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/posts\/6161\/revisions"}],"predecessor-version":[{"id":6167,"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/posts\/6161\/revisions\/6167"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/media\/5649"}],"wp:attachment":[{"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/media?parent=6161"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/categories?post=6161"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.smartcardbasics.com\/wp-json\/wp\/v2\/tags?post=6161"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}