Research 1 company and describe how they protect their company from internet risks. Also, research for possible risks or dangers and/or impacts of internet - related crimes to a company.
Dovell Bonnett, Founder & CEO, Access Smart, LLC Dovell Bonnett has been creating security solutions for computer users for over 20 years. In order to provide these solutions to consumers as directly, and quickly, as possible, he founded Access Smart. With each of his innovations, the end user — the person sitting in front of a computer traversing the Internet — is his No. 1 customer, whether that individual is using a notebook computer in a home-based office or an employee working on a desktop at a large company.
This passion, as he puts it, to “empower people to manage digital information in the digital age" also led him to write the popular Online Identity Theft Protection for Dummies. Within the pervasive nature of our e-commerce and e-business community, personal information, from credit card numbers to your pet’s name, is more easily accessed, and identity theft and fraud has become an issue that touches every consumer.
Mr. Bonnett’s solutions reduce security risks for individual users, small businesses and large corporations. His professional experience spans 21 years in engineering, product development, sales and marketing, with more than 13 years focused specifically on smartcard technology, systems and applications. Mr. Bonnett has spent most of his smartcard career translating and integrating technology components into end-user solutions designed to solve business security needs and incorporating multi-applications onto a single credential using both contactless and contact smartcards. He has held positions at National Semiconductor, Siemens (Infineon), Certicom, Motorola and HID. He is the author of smartcard articles, regularly presents at conferences, and helps companies successfully implement smartcard projects. Mr. Bonnett has been an active member of the Smart Card Alliance contributing to the development of physical access security white papers. He holds dual bachelor’s degrees in industrial and electrical engineering from San Jose State University.
Marguerite Bonnett, Executive Vice President, Access Smart, LLC.Marguerite Bonnett’s success has allowed her to focus on projects she truly believes in, and working with consumers — from small-business start-ups to Fortune 500 companies — to reduce the incidence of identity theft and fraud is an issue she has championed for the last several years. Having worked within the industry from its first days, she’s helped the e-commerce sector grow and has kept her finger on the pulse of both its triumphs and failures.
Chief among the failures is the security risks for the end user, a problem that Access Smart created solutions for, and Ms. Bonnett continues to share this information with consumers as widely and quickly as possible. She has more than 10 years experience in Silicon Valley high-tech marketing covering several industries from semiconductors to back-end Wall Street data services. As a marketing professional, Ms. Bonnett has managed Web site development for start up firms, ongoing collateral including brochures, training seminars, direct mail, customer support and trade shows. She has significant experience in art and design, including work on several feature films in addition to screenwriting.
Dietrich Wecker, Technology Developer & AdvisorA co-creator of the Sphinx software, Dietrich Wecker is a forward-thinking software innovator. He also has an unusual capability for an MS level engineer — he excels at listening to what customers need and is able to deliver solutions in the most user-friendly way. Mr. Wecker’s ability to see the big picture by balancing customer need with technical potential and business case has enabled Sphinx software to establish the substantial installed customer base that it boasts today.
His strong leadership ensures that both strategic partners and customers may continue to expect the high level of quality and responsiveness that have become the hallmark of his solutions. He has more than 20 years of experience in application development, and leading development and integration teams for a wide range of software and hardware systems.
Consequences:
Though the consequences are the same before and after disclosure, it is worth discussing the impact here, given that the implication was that the “entire web” could be taken down. The nature of the attack requires the following:
1. An attacker must convince/trick a user into making a DNS request for a domain that doesn’t already exist in their DNS server’s cache. The expectation here is that s/he can be easily tricked into doing this.
2. Then, the attacker must simultaneously attack the DNS server by guessing the transaction ID. According to Kaminsky, the request/attack phase can be done reliably in about 10 seconds.
3. The attack is DNS server-specific. Only users on the same DNS server are affected.
4. Propagation: once the cache is poisoned, anyone requesting that domain will be routed to a malicious server.
Impact or risk:
First, it is worth noting that this “bug” is more properly classified as a new attack technique invented by Dan. It combines two vulnerabilities that have been well-known for some time – the ability to guess non-random transaction IDs and the use of Additional RRs to insert new entries into the DNS cache. A fix against either of these vulnerabilities also negates the attack itself.
-----MAY ANN V. TELAN-----
-----MGT. 7, SCHED A, 17:15-16:15-----
