Security Market Segment LS
Thursday, 11 May 2017 14:01

Could your chatbot spill the beans?


Organisations planning to deploy chatbots should consider the security implications.

Chatbots are the UI flavour of the month, perhaps reflecting the shift from consuming cloud-based services via a browser to a more app-centric model. If you don't keep a browser open because most of your work is done in apps, it makes more sense to be able to communicate with non-app services via the chat app that you keep open for collaborating with your extended team.

Rather than opening a browser and connecting to (say) your company's HR system to find out how many day's leave you have available, it becomes more convenient to simply direct the question to your corporate chatbot.

It's not just for internal use, as organisations are always looking for more ways to interact with their customers, according to CyberArk APAC senior director of pre-sales Jeffrey Kok. For example, banks successively offered ATMs, Internet banking and mobile banking. They are "always adapting to the latest technology", he said.

Advances in AI make it possible to automate many responses, so a growing number of organisations are starting to use chatbots. Being able to ask questions such as "what is my credit card balance?" is particularly good for non-technical users as it is "a more intuitive mechanism", Kok told iTWire.

The growing use of voice-based services such as Siri and Alexa are adding to the expectation that systems can respond to natural language, as well as resetting people's expectations so they don't expect a computer to understand what they mean first time, every time.

But new channels mean new exploits, he warned.

To help avoid such issues, he recommends that organisations quickly establish their official chat channels on services such as Facebook Messenger rather than leaving a void that can be easily filled by impersonators, and then tell customers exactly where they can find the organisation. Other types of social media such as YouTube can also be used to help educate customers about best practices, he suggested.

Where organisations use Messenger, Facebook can help detect malicious activities, Kok said.

The growing use of mobile devices rather than desktop and notebook computers also improves security, he suggested. While criminal groups have proved adept at creating Windows malware that can intercept online banking communications to steal credentials or alter transactions, mobile platforms — especially iOS — are more secure, he said.

Mobile platforms also provide opportunities for better behavioural analytics (including location), as well as various mechanisms for two-factor authentication.

Kok suggests setting up multiple service tiers according to the level of trust and authentication associated with a particular session. For example, a bank chatbot wouldn't care who asked for the location of the nearest ATM, but would only carry out a transaction such as transferring money for a fully-authenticated user.

This also applies to internal systems, and the more sensitive the request, the more rigorous the authentication should be.

By putting the right security mechanisms in place today, organisations are better able to deal with new channels, he said, and CyberArk could help them with that task.

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News