Security of Personal Email Accounts
Last week, former Secretary of State General Colin Powell became the latest public figure to have his personal email account hacked and his messages exposed publicly, to great embarrassment to himself and others. He joins a long list of political, government, and entertainment figures who have endured this same fate. Organizations cannot ignore the potential impact of such an incident occurring to one of their personnel, especially senior management in highly visible roles. The good news is that this type of incident is avoidable. The majority of these incidents have happened when a user's password was guessed, obtained via keystroke monitoring or other snooping, or reset via social engineering. The social engineering method that has been used against many prominent people, including the Director of the CIA and the Director of National Intelligence, was to contact their Internet provider or phone company and request a password reset. These methods can be largely defeated using ...