This page is older archived content from an older version of the Emerald Publishing website.

As such, it may not display exactly as originally intended.

Emerald podcasts: enjoy Emerald content on the move!

We are now offering some of our management content as podcasts.

The podcasts available on this page are specially written by David Pollitt. They are drawn from reviews in the Emerald Management Reviews database.

Podcasts are provided as .mp3 files which you can play on your computer or upload to your mp3 player. No special software is required.

Left-click your chosen podcast link, then:

  • To play the file choose 'open' (Internet Explorer) or 'Open with' & click 'OK' (Firefox) when your browser prompts you.
  • To download the files to your computer choose 'save' (Internet Explorer) or 'Save to disc' (Firefox)

We value your feedback on this service. Please send any comments to [email protected]

View transcript

Telephone tapping can be as easy as 1234.

Telephone tapping can be as easy as 1234

Television presenter Jeremy Paxman got more than he bargained for when he went to lunch with the then-editor of the Daily Mirror, Piers Morgan, and some of the newspaper’s executives.

Paxman told the UK Leveson inquiry, looking into the role of the press and police in phone-hacking, that Morgan gave him a lesson on how to get access to messages left on people’s mobile phones.

All that is required, apparently, is to go to the factory default setting and press either 0000 or 1234. Anyone who does not insert his or her own code is, according to Paxman’s recollection of what Morgan told him, ‘a fool’.

In the March issue of Computing, John D. McGonagle reveals how smart-phones used by employees can expose organizations to serious security risks. Apparently, the functionality that makes smart-phones so attractive can also leave them vulnerable to various forms of attack.

The author explains that a major threat is from malware capable of both masking ongoing intrusion and enabling fraudsters to take control of a victim's mobile phone and intercept texts and voice-mails.

John D. McGonagle discusses the need for organizations to maintain strict controls, to be able to respond to security threats such as loss, theft and the downloading of malicious software. He considers an organization's rights in relation to monitoring data on a smart-phone used by an employee, and the practicality of using global positioning system (GPS) chips on smart-phones to 'geo-fence' employees with geo-location data and to track the movement of the phones.

The author describes the measures that information-technology managers need to take to counter the risks of using smart-phones, and urges organizations to train their employees in how smart-phones should be used.

One of the most serious aspects of security breaches to emerge recently is that many of the most successful attacks are being made against security companies which are themselves used to authenticate data and create trusted relationships.

In volume 19, issue 2 of Managing Information, Calum MacLeod explains that organizations such as RSA, Comodo, DigiNotar and VeriSign have all fallen victim to the hackers. ‘These organizations know that they are high-value targets and take extraordinary measures to protect themselves,’ says the author. ‘And yet they are still successfully attacked and breached, despite these best efforts. The inescapable conclusion is that these providers will continue to be compromised. The breaches cannot be stopped. What we have to do is learn how to anticipate these criminal attacks and prevent them.’

Calum MacLeod suggests that the first step organizations must take to protect themselves is to encrypt everything. They also need to manage all their encryption assets—particularly encryption keys. And finally, businesses need to formulate their own compromise-recovery and business-continuity plans.

One reason that firms do not routinely do this is that information security is often low on managers’ priorities. In volume 31, issue 2 of Computers and Security, Hyeun-Suk Rhee , Young U. Ryu and Cheong-Tag Kim say managers are often unaware how dangerous security breaches can be, and only act after data security has been compromised.

Clearly, this must change. Managers’ eyes must be opened and their unrealistic optimism must be challenged. The dangers of inaction are almost too frightening to contemplate.