Posts

Dumb Kids Equal Easy Targets

,

Your national security depends on the job you do educating your children. 

Here’s an alarming wakeup call: a task force led by former Secretary of State Condoleezza Rice and Joel Klein, former chancellor of New York’s school system has issued a stunning report. They warn that the nation’s security and economic prosperity are at risk if America’s schools don’t improve. The task force consists of 30 members with backgrounds in education and foreign affairs and was organized by the Council on Foreign Relations. As reported by the Associated Press, the report cautions that far too many schools fail to adequately prepare students and that “The dominant power of the 21st century will depend on human capital. The failure to produce that capital will undermine American security.” A shortage of skilled workers is expected to get worse as the current work force retires. The task force said the State Department and U.S. Intelligence agencies face critical shortfalls in the fields of foreign language, science, defense and aerospace. And so, it’s not a stretch to realize that no matter how diligent we are about educating people and businesses to protect their identities and information and to develop safe habits, the problem is ever so much more complex.

In my profession, just the thought of this scenario scares the living daylights out of me – it means I’ll never be put out of a job. Nothing would please me more than knowing that the sensitive information of most people and businesses – even the world as a whole – had become so secure that I’d have to tackle another topic. Rice and Klein said in interviews that they’re encouraged by efforts to improve schools such as the adoption of “common core” standards set in reading and math and the Obama administration’s “Race to the Top’ competition. But, they added, the pace to improve America’s schools must accelerate. “The rest of the world is not sitting by while we, in a rather deliberate fashion, reform the education system,” Rice said. Klein continued “I don’t think people have really thought about the national security implications and the inability to have people who speak the requisite languages who can staff a volunteer military, the kind of morale and human conviction you need to hold a country together.”

The panel makes three main recommendations:

  • Adopt and expand the common core initiative to include skill sets critical to national security such as science, technology and foreign languages
  • Make structural changes to provide students with more choices in where they can go to school, so many students aren’t stuck in underperforming schools
  • Create a national security readiness audit, prepared by governors working with the federal government, that can be used to judge whether schools are meeting national expectations in education
So what can we do? To protect ourselves and our children’s children, we have to jump in and actively support our school systems. Beyond the education community, we can encourage discussions that engage those in the defense and foreign policy establishments about how to improve schools.

At the same time, there are great rays of hope in education. On February 7, I spoke at The Leeds School of Business at the University of Colorado and found the students to be engaged, curious, and eager to learn how to be critical thinkers. When I return in April, I anticipate they’ll put me through the paces with their intelligent observations.

These may have been some of the same students who recently heard Andrew Fastow, former chief financial officer of Enron speak to the students, faculty and staff of Leeds. Fastow contacted the university and asked whether he could speak after reading an op-ed piece, published by Bloomberg Businessweek in January, written by Leeds dean David Ikenberry and Donna Sockell, director of the school’s Center for Education on Social Responsibility. The piece was about the need for deeper ethics training in business schools. Fastow, who completed a six-year prison sentence in December, imparted the message that following the rules isn’t enough. It took him a couple of years to realize he had “used the rules to subvert the rules.” So while there are bright spots in education, it’s more important than ever that we commit to improvement at every level, from grade school, up!

John Sileo is an award-winning author and international speaker on the dark art of deception (identity theft, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his Keynote Presentation or watch him on Anderson Cooper, 60 Minutes or Fox Business. 1.800.258.8076.

Dropbox a Crystal Ball of Cloud Computing Pros & Cons

, ,

Dropbox is a brilliant cloud based service (i.e., your data stored on someone else’s server) that automatically backs up your files and simultaneously keep the most current version on all of your computing devices (Mac and Windows, laptops, workstations, servers, tablets and smartphones). It is highly efficient for giving you access to everything from everywhere while maintaining an off-site backup copy of every version of every document.

And like anything with that much power, there are risks. Using this type of syncing and backup service without understanding the risks and rewards is like driving a Ducati motorcycle without peering into the crystal ball of accidents that take the lives of bikers every year. If you are going to ride the machine, know your limits.

This week, Dropbox appears to have altered their user agreement (without any notice to its users), making it a FAR LESS SECURE SERVICE. Initially, their privacy policy stated:

… all files stored on Dropbox servers are encrypted (AES-256) and are inaccessible without your account password. (Quoted from PCWorl)

Currently, the privacy policy says that Dropbox can access and view your encrypted data, and it might do so to share information with law enforcement. Why is that important? Because it means that the encryption keys that keep your files private are actually stored on Dropbox’s server, not on your own computer. This puts the keys to your data (and every other Dropbox user) in the hands not only of Dropbox employees and law enforcement, but vulnerable to hackers. When the encryption key is located on your computer, at least the risk is spread over Dropbox’s user’s network.

But there is an even bigger issue that this exposes about the world of cloud computing in general: anytime your data lives on a device that you don’t own, you lose a certain amount of control over what happens to it. Here is just a sampling of factors that can affect the privacy and confidentiality of your cloud-stored data:

  • The cloud service provider changes their Terms of Service (like Dropbox just did) to cover their legal bases, making your data less secure without your even being alerted. This happens almost every week with Facebook, which changes privacy terms constantly. When you log back into your account, you are automatically agreeing to the new Terms of Service (and probably not reading the tens of pages of legal jargon).
  • The provider is bought out by a new company (possibly one overseas) or has its assets liquidated (the most valuable assets are generally information), that has different standards for data security and sharing. You, by default, are now covered by those standards.
  • The security of your data is weak in the first place. Security costs money, and many smaller cloud providers haven’t invested enough in protecting that data, leaving the door wide open for savvy hackers. SalesForce.com might be well protected, but is the free backup service or contact manager that you use?
  • Your data exists in a more public domain than when it is stored on internal, private servers, meaning that it is subject to subpoena without your being notified! In other words, the government and law enforcement has access to it and you will never know they were snooping around. This isn’t a concern for most small businesses, but it is still a cautionary note.

So does this mean we should all shut down our Dropbox, Carbonite, iBackup accounts? No. Does this mean that corporations should not implement the highly scalable, dramatically efficient solutions provided by the cloud? No. It means that both individuals and businesses must educate themselves on the up and down sides of this shift in computing. They can  begin the process by realizing that:

  1. Not all data is created equal and that some types of sensitive data should never be placed in someone else’s control. This is exactly why there are data classification systems (I subscribe to those used by the military and spy agencies: Public, Internal, Confidential and Top Secret).
  2. Not all cloud providers are created equal and you must understand the privacy policy, terms of service and track record of each one individually (just like you would choose a car with a better crash-test rating for your family).
  3. Anything of immense power comes with costs, and those costs must be calculated into the relative ROI of the equation. In other words, the answer here, like most complex things in life, exists in the gray area, not in a black or white, one-size-fits all generalization.

John Sileo writes and speaks on Information Leadership, including identity theft prevention, data breach, social media risk and online reputation. His clients include the Department of Defense, Homeland Security, the Federal Reserve Bank, FDIC, FTC and hundreds of corporations of all sizes. Learn more about his motivational data security events.