Englisch BHS, Maturatraining mit Audio-CD

72 Tapescript Password security (CD 05) Announcer: You are going to listen to a business advisor talking about password security. First you will have 45 seconds to study the task below, then you will hear the recording twice. While listening, match the beginnings of the sentences (1–8) with he sentence endings (A–K). „ere are two sentence endings that you should not use. Write your answers in the spaces provided. „e…rst one (0) has been done for you. A‡er the second listening, you will have 45 seconds to check your answers. (45 sec pause, acoustic signal) Presenter: How o‡en have you been in this situation? You get back from a vacation,…re up your computer and realize you’ve forgotten your password. You check your phone where you recorded it a few weeks ago and email it to yourself at work. Not an ideal solution! I am here today with small business advisor and connectivity expert Samira Cli‡. Samira, how can small businesses keep sensitive information such as passwords secure? Samira: First of all, many companies with decent IT admin will already have a system in place to keep the network safe. Presenter: You mean like a…rewall. Samira: Exactly, and that keeps all sensitive emails safe. But nowadays traditional password protection policies are being compromised by BYOD – bring your own devices – to the workplace. As you probably know more and more work emails being sent on personal phones and laptops, o‡en without password protection. How many of these end up getting lost or stolen? – leaving the company vulnerable to a security breach. Presenter: Well I suppose that scenario could be avoided by basic monitoring or auditing. But what other methods do hackers use to in…ltrate our digital lives? Samira: One of the biggest risks is using common passwords. Most of us have two or three that we use regularly, but some people use just one for everything. Imagine what happens when they register their details on a website or forum that’s being monitored by hackers. Presenter: … the hackers will have everything they need to get at their email account … Samira: Not just their email, they’ll have access to their Amazon, eBay and PayPal accounts, not to mention their login at work. Even their bank account, if they use the ‘forgot your password’ links. Hackers can easily answer security questions with information they’ve gleaned from social media and emails. Presenter: Of course. Samira: „en there’s another hacking method called social engineering. In 2011, as a kind of test, the US Department of Homeland Security randomly dropped USB and optical drives in government and private contractors’ car parks. „ey were infected with a Trojan that auto-installed itself as soon as it was plugged in. „e DHS agents were amazed to discover that sixty percent of the people who picked them up plugged them into their work computers! Presenter: You’re kidding! Samira: It gets worse. When they tried the same trick with USBs stamped with o¯cial government logos, that…gure rose to ninety percent! Presenter: Scary stu˜! Samira: Indeed. „ere are less sophisticated examples of social engineering, such as hackers calling up an o¯ce and claiming to be from the IT department and asking users for their passwords – and it works. Presenter: So how can small enterprises protect themselves against these kinds of threats? Samira: You can install a dedicated password manager system that allows all passwords to be stored in one place, o‡en called a vault, with just one suitably complex password. Or if you don’t like that idea, you can boost security with multi-factor authentication where users need more than one factor to log on, such as the correct IP address or a…ngerprint reader. Ultimately it depends on how big your risk factors are, how much password protection you use. Presenter: What about sta˜ education? Telling them not to divulge any passwords, user names or email addresses over the phone or by email without veri…cation seems obvious. Samira: Yes and not to plug in random USB devices even ones handed out at conferences. An annual review of password policies can be a good idea, especially a‡er a major change, for example when a senior IT person leaves the company. And if you don’t have the in-house knowledge or con…dence, bring in an IT consultant. Presenter: Sound advice. Samira Cli‡, thank you very much! (15 sec pause, acoustic signal, track replays, 45 sec pause) Nur zu Prüfzwecken – Eigentum des Verlags öbv