tag:blogger.com,1999:blog-21995415.post3585123718068843959..comments2024-02-01T11:08:01.659-05:00Comments on Matt Flynn: Information Security | Identity & Access Mgmt.: Phishing Special ReportMatt Flynnhttp://www.blogger.com/profile/09902381553517250020noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-21995415.post-52518175732352231692007-02-07T13:33:00.000-05:002007-02-07T13:33:00.000-05:00I agree, user awareness is the ultimate defense me...I agree, user awareness is the ultimate defense mechanism against phishing and any other identity risk. However, I just don't envision many users investing their personal time in understanding these elements. It seems obvious that one would want to protect themselves and yet, the # of incidents continue rising due to lack of awareness. Furthermore, users may feel that verifing HTTPS indicators and other security objects prior to each log-in attempt is a little invasive and time-consuming. I think it would be useful to provide users with a suite of identity protection tools that for instance, would notify them via SMS whenever a log-in authetication to their bank account is initiated. And if there was truely an unauthorized attempt, the user should be able to instantly lock their account using SMS or a more convienent method rather than having to call customer service each time...<br /><br />It's really going to be interesting to see how far we progress in the next 5 yrs or so...Testhttps://www.blogger.com/profile/01138995369686598707noreply@blogger.com