|By Marketwired .||
|April 15, 2014 12:07 AM EDT||
WASHINGTON, DC -- (Marketwired) -- 04/15/14 -- Last month the two mobile apps, Fandango and Credit Karma, settled with the Federal Trade Commission (FTC) over charges that both companies had falsely represented the security of their mobile apps, leading to an insecure transmission of sensitive personal data of millions of customers. The FTC argued that the credit monitoring company, Credit Karma, and the movie ticketing service, Fandango, both failed to take appropriate measures to guarantee secure transmission of customers' sensitive personal data, allowing attackers to intercept and access email addresses, names, passwords, social security numbers, credit card information and credit report information. Now, the FTC ordered the two companies to put comprehensive security measures in place to minimize security risks during the use of their mobile apps. On top of that, Fandango and Credit Karma agreed to undergo security assessments every other year for the next 20 years. After the settlement, Edith Ramirez, FTC Chairwoman, said: "Our cases against Fandango and Credit Karma should remind app developers of the need to make data security central to how they design their apps."
Fandango and Credit Karma both could have avoided the charges by the FTC if they had enabled SSL certificate validation. SSL, short for Secure Sockets Layer, is an industry standard that ensures that no attacker can intercept the transmission of sensitive data and secures the communications of an app. Applications that use the SSL protocol verify certificates presented by online services to guarantee a safe and encrypted transmission. If the SSL certificate validation enabled, as in the case of Fandango and Credit Karma, the mobile app becomes vulnerable to man-in-the-middle attacks. While the FTC demonstrated an existing vulnerability, no consumer information was compromised by Fandango's nor Credit Karma's failure to put security measures in place, which could explain why the FTC agreed to a settlement without monetary penalties. In an article regarding the recent development of FTC case against Fandango and Credit Karma, Sarah Coffey of Ifrah Law, a Washington-based law firm founded by attorney Jeff Ifrah, points out the importance for companies to take necessary security steps before launching a new mobile app.
Jeff Ifrah and his team of attorneys are experienced in advising companies that are approached by the Federal Trade Commission or other state agencies. Jeff helps his clients to put appropriate policies and procedures in place and develops a sound legal strategy in case a company gets involved in potential security or data breach accusations. With the growing representation of companies on the Internet, collecting, using and protecting consumer information plays an increasingly important role. As a result, consumer advocacy groups and government regulators are keeping a watchful eye on companies to ensure they adhere to all rules and regulations. Jeff helps clients from various industries as well as website operators to draft their privacy policies to avoid legal issues with regards to data protection.
Attorney and Ifrah Law's founder, Jeff Ifrah, specializes in the defense of federal investigations and litigation. Clients come from many regulated industries and involve primarily e-commerce, e-business, and government contracts. He started his career as a trial lawyer and officer in the U.S. Army's Judge Advocate General's Corps, followed by an appointment as trial counsel to the U.S. Army Communications-Electronics Command at Fort Monmouth. Jeff then gained experience as a special assistant U.S. Attorney in New Jersey. Jeff's legal excellence is widely recognized -- Chambers USA has recognized him for three years in a row as one of the leading lawyers in the United States for litigation in the fields of White Collar Crime and Government Investigations.
Jeff Ifrah Law: http://www.jeffifrahlaw.com
Image Available: http://www2.marketwire.com/mw/frame_mw?attachid=2568252
Embedded Video Available: http://www2.marketwire.com/mw/frame_mw?attachid=2568257
PR Agency Contact:
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
Jul. 30, 2015 07:30 PM EDT Reads: 1,390
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducte...
Jul. 30, 2015 07:15 PM EDT Reads: 295
Providing the needed data for application development and testing is a huge headache for most organizations. The problems are often the same across companies - speed, quality, cost, and control. Provisioning data can take days or weeks, every time a refresh is required. Using dummy data leads to quality problems. Creating physical copies of large data sets and sending them to distributed teams of developers eats up expensive storage and bandwidth resources. And, all of these copies proliferating...
Jul. 30, 2015 06:30 PM EDT Reads: 883
Malicious agents are moving faster than the speed of business. Even more worrisome, most companies are relying on legacy approaches to security that are no longer capable of meeting current threats. In the modern cloud, threat diversity is rapidly expanding, necessitating more sophisticated security protocols than those used in the past or in desktop environments. Yet companies are falling for cloud security myths that were truths at one time but have evolved out of existence.
Jul. 30, 2015 06:00 PM EDT Reads: 1,797
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
Jul. 30, 2015 05:00 PM EDT Reads: 1,085
Public Cloud IaaS started its life in the developer and startup communities and has grown rapidly to a $20B+ industry, but it still pales in comparison to how much is spent worldwide on IT: $3.6 trillion. In fact, there are 8.6 million data centers worldwide, the reality is many small and medium sized business have server closets and colocation footprints filled with servers and storage gear. While on-premise environment virtualization may have peaked at 75%, the Public Cloud has lagged in adop...
Jul. 30, 2015 04:00 PM EDT Reads: 2,197
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Jul. 30, 2015 03:45 PM EDT Reads: 444
The time is ripe for high speed resilient software defined storage solutions with unlimited scalability. ISS has been working with the leading open source projects and developed a commercial high performance solution that is able to grow forever without performance limitations. In his session at Cloud Expo, Alex Gorbachev, President of Intelligent Systems Services Inc., shared foundation principles of Ceph architecture, as well as the design to deliver this storage to traditional SAN storage co...
Jul. 30, 2015 03:00 PM EDT Reads: 1,735
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
Jul. 30, 2015 03:00 PM EDT Reads: 484
MuleSoft has announced the findings of its 2015 Connectivity Benchmark Report on the adoption and business impact of APIs. The findings suggest traditional businesses are quickly evolving into "composable enterprises" built out of hundreds of connected software services, applications and devices. Most are embracing the Internet of Things (IoT) and microservices technologies like Docker. A majority are integrating wearables, like smart watches, and more than half plan to generate revenue with ...
Jul. 30, 2015 02:30 PM EDT
The Cloud industry has moved from being more than just being able to provide infrastructure and management services on the Cloud. Enter a new era of Cloud computing where monetization’s services through the Cloud are an essential piece of strategy to feed your organizations bottom-line, your revenue and Profitability. In their session at 16th Cloud Expo, Ermanno Bonifazi, CEO & Founder of Solgenia, and Ian Khan, Global Strategic Positioning & Brand Manager at Solgenia, discussed how to easily o...
Jul. 30, 2015 01:45 PM EDT Reads: 374
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
Jul. 30, 2015 01:45 PM EDT Reads: 260
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
Jul. 30, 2015 01:30 PM EDT
Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly. The DevOps approach is a way to increase business agility through collaboration, communication, and integration across different teams in the IT organization. In his session at DevOps Summit, Chris Van Tuin, Chief Technologist for the Western US at Red Hat, will discuss: The acceleration of application delivery for the business with DevOps
Jul. 30, 2015 12:45 PM EDT Reads: 1,113
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Opening Keynote at 16th Cloud Expo, S...
Jul. 30, 2015 12:00 PM EDT Reads: 2,047