Episode 178: Killing Encryption Softly with the EARN IT Act. Also: SMBs Struggle with Identity

In this episode of the Security Ledger Podcast sponsored* by LogMeIn and LastPass: the EARN IT Act is slouching its way to passage on Capitol Hill, alarming privacy and civil liberties experts. Andrea Little Limbago the Chief Social Scientist at the firm Virtru joins us to talk about why EARN IT is so dangerous. Also: small and medium sized businesses are the majority of businesses in the U.S., but they are often overlooked by the companies marketing and selling security solutions. Rachael Stockton of LogMeIn and LastPass joins us to talk about a new survey of SMBs that reveals struggles to manage identity and authentication challenges.

---

It is hard to see through the miasma of the Corona Virus pandemic, what with school and business closings, deserted public squares and empty roads scrambling the very functioning of societies world wide.

Concerns about EARN IT on Privacy, Civil Liberties

But response to COVID-19 isn’t the only issue before lawmakers in Washington D.C. these days, and privacy advocates and civil libertarians are raising alarm that one piece of legislation that is up for consideration could reverse decades-old privacy and free speech protections and force companies like Facebook and Google to create government “back doors” to customer data.

The so-called EARN IT Act would penalize companies that thwart investigations into child sexual abuse imagery – for example, but using end to end encryption that makes the images hard for law enforcement to access the data. The law would remove “Section 230” protections that shield tech firms like Facebook and Twitter from legal responsibility for the content posted on their platforms. It is the latest salvo in a years long effort by the Justice Department to undermine consumer encryption technologies and ensure the privacy of data.

To talk more about EARN IT and what it might mean for consumers and the technology industry, we invited Andrea Little Limbago into the studio to talk. Andrea is the Chief Social Scientist at the firm Virtru where she focuses on the intersection of technology, cyber security and policy.

Exploring how SMBs struggles with Identity

Up Next: COVID 19 isn’t the only epidemic going on these days. In the business world, there’s an ongoing epidemic of phishing attacks and ransomware outbreaks affecting companies of all sizes, but particularly small and medium businesses. At the root of that epidemic is, often, weak user account security and an over reliance on insecure, alphanumeric passwords.

Companies can increase their security greatly by limiting the number of passwords its employees manage and using stronger technology to secure those passwords such as password managers and multi-factor authentication.

But that’s a tall task for many firms. A survey conducted by LogMeIn found that there were big differences in the readiness of SMBs to embrace stronger authentication, depending on their industry.

In this podcast, we’re joined by Rachael Stockton the Senior Director for Product Marketing at LogMeIn to go over what LogMeIn and LastPass found out and how SMBs can get in front of identity and authentication problems.

---

(*) Disclosure: This podcast was sponsored by LastPass, a LogMeIn brand. For more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations. 

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloud, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.