Friday, April 8, 2011

Epsilon Data Breach - What To Do?

I've had a couple of my clients contact me after they read about the data breach that occurred at Epsilon that was announced last weekend. They were curious as to why I didn't post about it on my blog.

The short answer is "I was busy."

However, that doesn't mean that I don't think that this is a serious issue. I just think that if my clients are following the best practices which I've outlined in several other posts, they won't have to worry about this particular breach.

Will the data that was obtained be used in phishing attempts? Almost certainly. Will those attempts be sophisticated? I believe so. It's still not a reason to panic.

I fall back to my default position vis-à-vis email security. If a company contacts you via email with a link, and you weren't expecting it, don't click on it. Call the company, or contact them via their website (getting there manually, of course) and verify that the email is legitimate. Never enter any account, credit card, or personal information in an email reply or a form linked via email. If in doubt, delete the email and contact the sender.

I trust that my clients (all of whom are brilliant and successful in their own fields, and circumspect by training if not by default) will "do the right thing" when it comes to email use and security. I don't think I have to be "Chicken Little" every time a new breach occurs.

So, the "long" of it is, loyal reader, I trust you, even if I can't trust marketing corporations.