Most people in a recent survey by Ogilvy & Mather Worldwide said they stick with the tried and true when it comes mobile payments.

Ogilvy & Mather asked 500 online customers to rate the brands they’d trust to handle their mobile payments:

• Visa: 39.6%
• Mastercard: 35.9%
• American Express: 35.8%
• PayPal: 34.3%

No surprises there.

Flashy brand names not associated with financial services fared poorly in consumer trust:

• Apple: 22.9%
• Microsoft: 22.3%
• Google: 19.5%

Facebook landed at the bottom of the heap. Only 12% of those surveyed said they’d place their trust in Facebook payment processing security.

One recommendation: Smaller tech brands should join forces with the heavy hitters — the most-trusted brands — and use that partnership to show customers they can trust your level of security.

But there’s something organizational leaders need to be aware of when mulling a cloud move with their IT team: A new survey reveals the distressing news that most vendors don’t care about keeping data secure.

That’s the word from a recent survey of cloud providers conducted by the Ponemon Institute. Among the U.S. vendors surveyed, 73% said their service doesn’t “substantially protect and secure” customers’ data.

Providers also aren’t putting a whole lot of effort into security — 79% of the vendors surveyed said they dedicate less than 10% of their resources to security.

Why is that? Cloud providers don’t believe that protecting data is their job, or that customers care. Just 25% of vendors said they view security as one of their most important responsibilities, and only 19% said security is a competitive advantage for cloud vendors.

For IT managers, this means they must be even more diligent about evaluating vendors’ security and conducting audits. It’s easy to assume a vendor will take the lead in protecting the data it stores, but as this report shows, that isn’t necessarily the case.

Businesses can keep their data safe when it’s in the cloud by:

1. Checking up on a vendor’s security controls — including learning about how its employees are hired and trained — when choosing providers
2. Making sure the provider can accommodate your company’s specific compliance and security needs, based on regulations for your industry or the company’s own policies, and
3. Keeping data with high security needs in-house. When dealing with information that’s especially sensitive, a cloud platform may not be the best option.

And there’s bad news from a recent survey: It seems the folks in charge of protecting their company’s digital data often aren’t kept informed about security breaches and challenges.

More than 82% of the 430 IT pros recently surveyed by Application Security Inc. said they played some kind of role in their company’s security.

Yet just 4% said they were kept fully informed about security breaches in their organizations.

That’s apparently led to lack of understanding about why breaches had occurred — 80% of respondents who said their companies had been hit by a breach in the past year didn’t know what IT components may have been impacted, and 90% didn’t know the financial impact on the organization.

All in all, 33% of the IT pros surveyed confessed they didn’t have a good understanding of the security threats their companies face.

The folks behind the survey stress the importance of improving communication about security, so IT can focus its energy where the dangers are.

And that improved communication can be pushed by company leaders.

The iPad has become a popular tool for some businesses, especially those with highly mobile employees who need an easy way to send and receive data on the go. Research group Forrester estimates that about half the iPads sold are being used for work in some capacity, CIO.com reports.

That’s not to say that the primarily consumer-targeted tablet device doesn’t come with question marks for businesses. Here are three concerns that may keep some companies from supporting the iPad:

1. ROI – Apps specifically meant for business use are still being developed and companies are still figuring out the best ways to use tablets, so at this stage, it may be tough to convince finance folks that the money spent on iPads will pay off.
2. Security – Experts say the new version of the iPad has made security improvements, but some businesses have yet to trust a company known primarily for consumer products when it comes to protecting business data.
3. Bandwidth – Versions of the iPad can connect to both WiFi and cellular networks, both of which present problems for businesses. Organizations in some areas may not trust their cellular connections enough to rely on them for critical data transfers. And some firms may find they need to add wireless access points to accommodate a new set of devices.

One of the keys to being an effective manager is understanding which triggers salespeople respond to the most. 

In his book How to Master the Art of Selling, sales expert Tom Hopkins suggests that there are five “prime motivators” that spur salespeople to reach new heights and overcome challenges:

1. Money. There’s no greater sales incentive than cold, hard cash. The trick is designing cash incentives that maximize profit margins, rather than eating into them.
2. Security. Money may be the reason salespeople get out of bed in the morning, but job security and the promise of gainful employment is what keeps them engaged long term. Performance reviews, senior titles, raises and promotions are ways to reinforce the fact that a salesperson is a valuable employee the organization wouldn’t want to do without.
3. Achievement. Top sales organizations make it a point to reward salespeople for career milestones and personal benchmarks, like 10 years of service, closing 100 (or perhaps even 1,000) sales, and/or promoting the company’s core values.
4. Recognition. Successful managers know a lot of what motivates salespeople to go out and do the job well boils down to the pat on the back or the public recognition they receive on a daily basis. Recognizing salespeople for their accomplishments via departmental e-mails or during meetings is a prime example of this type of motivation. Recognition is different from most other rewards because it gives a manager the opportunity to praise the behavior, as well as the result.
5. Acceptance. Recruiters often talk about whether an applicant would be a “good fit” for their company. But that type of thinking goes both ways. Salespeople who feel like others in the company respect their ideas and accept them as one of their own are generally more dedicated to achieving top-notch results. Companies that offer things like tenure or membership in high profile groups like a “President’s Club” that reward employees for their service are also promoting employee loyalty and reducing the risk of turnover.

Source: How to Master the Art of Selling by Tom Hopkins.

Companies that avoid (or, at the very least, minimize) the risk of viral attacks do so by taking proactive measures before a problem arises. A few simple precautions can help your company save significant amounts of time and money (not to mention any breach of confidential files, etc.)

Three steps you can take right now to significantly decrease your risk of exposure:

1. Back up everything on your system (and make sure employees do the same): No matter how well your servers are protected, there’s really no way to guarantee your system won’t crash, or someone’s personal PC won’t fall into a river, or a major storm won’t knock out the power. The point is, you need to make sure everything is backed up, not only at another location on your internal servers, but also on some type of external hard drive where those files won’t be in danger, should your company’s server go down. For increased protection, equip every one of your employees with a personal thumb drive, and make it a company policy that once a quarter, they need to take a few minutes to upload any new files.
2. Install antivirus software (It’s free): There are tons of antivirus software programs out there, and a lot of them are offered as free downloads (e.g., AVG provides a free download of reliable antivirus software for any system that operates using Windows). A lot of computer viruses operate like cancers, slowly (or in some cases, very quickly) spreading to every nook and cranny until the hard drive is completely unresponsive. Send an email once a month, reminding employees to run a quick scan before they start their week. They’ll catch a lot of viruses that fly under the radar, slowly revealing themselves through slower running systems and other system failures.
3. Bring PCs in for regular check-ups: Partner with IT to ensure every computer in your department receives regularly scheduled tuneups, during which IT pros can update operating systems, flag any problems, and suggest ways for employees to streamline their operating systems so things run more smoothly.

Preventative maintenance is the key. The time you spend taking proactive measures is nothing compared to the hours of lost work (not to mention privileged info) you risk by leaving your operating system open to threats.

Source: “Resolved: How to Keep Your Computer Safe, Clean, and Backed Up in 2011,” by Adam Dachis, Lifehacker, 1/3/11.

• 1.    Hang onto it: Maintaining physical control of the device is nine-tenths of effective security.
• 2.    Use a passcode when using it in public: This blocks unauthorized app/info access to apps and info. For long-term security, physical control’s needed so it can’t be wiped.
• 3.    Enable automatic data erasing: This wipes your data after 10 failed passcode attempts. This is only a good idea if you back up faithfully.
• 4.    Restrict capabilities: This adds additional controls and can be passcoded so admins can configure them but users can’t change them.
• 5.    Use a VPN: This will allow you to encrypt all WiFi traffic, using your VPN service. Great for public use of the iPad by road warriors.
• 6.    Try out MobileMe: Yes, you have to pay for it, but it’ll be worth the price if you want to find your device when it’s lost or stolen. Mobile Me also lets you remotely wipe the device of all data.
• 7.    Jailbreak cautiously: Jailbreaking the device can drastically alter its controls and voids your warranty.
• 8.    Be stingy about sharing: These are really single user devices and don’t support multiple user accounts. Every user has total access to all the data on the device. Nuff said.
• 9.    Update, update, update: Apple’s better than many companies about updating devices to deal with vulnerabilities. Updating’s easy. Do it.

The TSA anticipated that travelers would be squeamish about agents doing these full body scans, but it seems that after scanning about 4 million passengers with the 80 machines now in use at U.S. airports, only about 600 of those scanned are griping about the experience.

The big reservations: modesty and radiation exposure. Both these worries, however, seem to be fading into the background as travelers become accustomed to the new scanners.

Still, nobody at the TSA seems to want to rock the public’s boat, so the word is that being scanned won’t be mandatory even when the technology’s widely deployed. Airline passengers will always get the option of a hands-on, pat-down instead.

If you really want to kill some time in the airport, there’s always that option. Otherwise, it doesn’t seem as if getting a full-body scan is annoying enough to prompt too much protest.

By the end of the year, it’s expected that about 450 body scanners will be in use in the nation’s airports.

That’s because many financial institutions that issue credit cards will now place a fraud hold on cards used overseas unless the card holder gives them a heads up about the travel plans.

And if your card gets flagged by your bank anyhow, be prepared to answer a litany of questions from its security folks that could include more than just your mother’s maiden name.

That’s because there’s mounting evidence that social networking sites may be providing info on users to their financial institutions. If you or your relations frequent these sites, your bank may have mined your profile — or the profile of your relatives — to find out more details about you than you’ve ever imagined.

On his blog, security researcher Roger Thompson tells a truly cautionary tale of a recent trip overseas when his credit card got frozen by his bank.

Seems the U.S.-based Thompson never let his bank know he’d be in the U.K., so when he tried to check out of a London hotel, his card couldn’t be processed.

Thompson got on the phone with his bank, Wachovia, to verify that he was in fact the card holder.

That’s when things got weird.

The Wachovia security rep starting grilling him about details of his life Thompson never provided the bank with. Sure, he’d given up his mother’s maiden name to be used as identity verification.

But the security rep on the line starting asking questions about Thompson’s daughter-in-law, someone he’d never told them about — her age and such. The security guy also used her maiden name, despite the fact she’d been married to Thompson’s son for nine years.

Ever the security researcher, he began to ponder where they could have gotten this data. His conclusion: The only place it existed online was Facebook, where his daughter-in-law was his “friend.”

In a follow up to his original post, Thompson wonders this: If everybody’s using Facebook for free, but there are scores of pricey developers writing applications for the site, then how exactly are they getting paid?

The commodity Facebook has to sell is information. Users’ information. Who could blame them if they put a price tag on it?

All those “apps” on Facebook that ask to use your information must be doing something with it. Are the creators of those farms or gardens or quizzes really all that interested in your fertilizer preference or who’d play you in a biopic?

The survey, which polled more than 35,000 workers across multiple industries, based its results on what percentage of employees in each field felt their job was totally secure. According to the results, general surgeons and emergency room physicians have the least risk of losing their jobs (100% of those surveyed felt their job was completely secure).

While that may not come as a surprise, considering physicians are always in demand and surgeons are highly specialized, take a look at these everyday professions that landed just below them on the list:

• Marketing Manager (#3 on the list, 100% feel their job is secure): It takes time and experience to move to the top of the marketing department at most companies. But once you do so, the salary and security are worth their weight in gold (Marketing Manager was also #26 on CNN‘s list of the best jobs in America).
• Software Development Director (#5 on the list, 97% feel their job is secure): In the digital age, there’s no shortage of demand for high-level tech geeks. This is a niche profession where those fortunate enough to have the right experience are reaping the benefits.
• Director of Communications (#7 on the list, 96% feel their job is secure): Who would’ve thought it, right? But those execs who plan public relations campaigns and stand out front as the “face of the company” for press and media relations apparently have very little risk of falling victim to corporate cutbacks. In addition to providing job security, communication specialists also came in at #31 on CNN‘s list of the best jobs in America.

We’ve included the complete top 10 below. Are there any other professions you’d add to this list?

Top 10 most secure jobs in America:

1. Emergency Room Physician
2. General Surgeon
3. Marketing Manager
4. Nurse Practicioner
5. Software Development Director
6. Physician Assistant
7. Director of Communications
8. Physical Therapist
9. Speech-Language Pathologist
10. Attorney

Source: “The Top 10 Most Secure Jobs,” CNNMoney, November, 2009

Setzer wasn’t far off. It now appears that it was actually a former beau of Sanford’s Argentine mistress who had access to her account and found the salacious messages. This jealous fellow appears to have been the culprit who leaked the e-mails to the press.

Could this happen to any business leader or high profile public person? Seems Sanford proved it can.

Any executive whose assistant has routine access to the boss’s’ e-mail or computer can easily find private messages either on the business e-mail account or on other personal accounts merely by navigating to the e-mail software that accesses those messages.

This software could be based on the Internet — say a Google mail or AOL mail account that is accessed by visiting a Web site and signing in.

Even an Outlook account could be easily viewed, if the assistant or co-worker had the user name and password.

Setzer says it’s unlikely a guy like Sanford would use the South Carolina government e-mail system to communicate with his lover. Those e-mails, says Setzer, would be subject to archiving by law.

Many corporate e-mails have the same restrictions because of  regulations that govern how companies operate.

But there’s nothing to stop anyone from acquiring a free, off-the-reservation e-mail account that can be used to send messages around the world somewhat anonymously.

It’s important, says Setzer, that if you’re going to use a personal e-mail for private communication that you pick a provider that uses TLS or another e-mail encryption technology.

Without it, an e-mail is just like a postcard; anyone can flip it over and read what’s written.

Setzer recommends using one of the larger, free services that’s secure. Many are not. (To see if your free, Web-based e-mail account is secure, look in the Web address to see if it starts with “https”; if it just says “http” then you’re not using a secure server.) The advantage of the large services? The bigger the service, the more obscure its users.

“There’s security by obscurity,” says Setzer.

Using the same service as the person you’re communicating with also means your messages never leave the provider’s servers — another level of insurance against sniffing by hackers.

But in the end, says Setzer, once someone else learns your user name and password, even your encrypted e-mail isn’t safe.

For that reason, don’t cache (save) your login and password to any computer — even your personal laptop. Because all you’ll need to do is leave the room for a moment before someone sits down at the screen finds it.

Another safeguard: Change your password regularly. Yes, it’s a hassle, but you’ll save yourself a world of hurt by taking this easy step on a routine basis.

And finally, learn the rules of creating a highly secure password. They include:

• Don’t use personal info. It’s simple, especially in these days of Facebook and MySpace, for hackers to figure out your kids’  and pets’ names, your birthdate or other commonly used specifics.
• Don’t use real words. There’s now software that can quickly enter every real word in the dictionary so it can be tried as the passcode for your account.
• Use a mix of characters. Include letters and numbers, upper and lower case.
• Use a passphrase. This is a “word” you make up by picking a line of dialogue or lyrics and using the first letter of each word to craft a unique phrase.