admin « Risk Management and Compliance

Author Archive

Citibank Data Security Breach

Posted: 24th June 2011 by admin in Hacking News, PCI, risk assessment, Security Assesment, Security Policy, Web Security
Tags: citibank hack

Citibank Data Security Breach, credit cards stolen

Google Me on the Web, is it any good?

Posted: 17th June 2011 by admin in Google, Identity theft, Security Policy, Web Security

Google Me on the Web, identity theft and reputation management

Ignorance is far from bliss with a Global Supply Chain

Posted: 4th June 2011 by admin in Compliance, Global Disaster, Global Incident Map, SCRM, Supplier Security, Supply Chain Risk Management, Suppply Chain Management
Tags: Supply chain, Supply chain management

In this time of global financial insecurity, large scale companies are stretching further and further across the planet in order to reduce costs and remain competitive. But this strategy brings with it risks. The pressure on a global company’s supply chain is simply immense, with operations stretching across whole continents and handfuls of countries, variables [...]

Pleasant Grove man sentenced to 6 years in federal prison for role in prescription fraud case

Posted: 27th May 2011 by admin in Government Security, Hacking News, HIPAA, Identity theft, Security Assesment, Security Policy
Tags: Credit card, Health Insurance Portability and Accountability Act, Identity theft, Theft

Healthcare HIPAA Identity Theft

Whitehouse has released a cybersecurity plan

Posted: 13th May 2011 by admin in Compliance, Government Security, Identity theft, Security Policy, Web 2.0
Tags: Computer security, Critical infrastructure, Federal Information Security Management Act of 2002, Intrusion prevention system, Local Government, United States, United States Department of Homeland Security, White House

According to the press release they say “Our critical infrastructure – such as the electricity grid, financial sector, and transportation networks that sustain our way of life – have suffered repeated cyber intrusions, and cyber crime has increased dramatically over the last decade. The President has thus made cybersecurity an Administration priority. When the President released his Cyberspace Policy Review almost two years ago, he declared that the “cyber threat is one of the most serious economic and national security challenges we face as a nation.”

Geo-tagging photos can lead to cyberstalkers finding you

Posted: 4th February 2011 by admin in Corporate Stupidity, Hacking News, malware, Security Policy, social media, Social network, Web Security
Tags: Facebook, Global Positioning System, iPhone, Mobile phone, MySpace, social media, Social network service

A new threat could be giving up your location when you post a picture from inside your house. A team of scientists dicovered that with some smartphones, a user’s latitude and longitude can be attached tothe picture you post in the metadata.

Facebook’s new security features and the Zuckerberg hacking incident

Posted: 28th January 2011 by admin in Compliance, Corporate Stupidity, Hacking News, Identity theft, Security Policy, social media, Web Security
Tags: Facebook, Mark Zuckerberg, Microsoft, Muhammad Yunus, Nobel Prize, Social business, Social network service, TechCrunch

Facebook’s new security features and the Zuckerberg hacking incident

Tips to Avoid Confidentiality Issues When Using Social Networking Media

Posted: 7th December 2010 by admin in HIPAA, Security Policy, social media, Social network
Tags: Business, Confidentiality, Facebook, Health Insurance Portability and Accountability Act, social media, Social Media Networks, Social network service, Twitter

Social media sites have gained popularity in the past ten years as a medium to keep in contact with loved ones, business associates and friends. However, there can be drawbacks to the usage of said media when one is employed in certain career fields, such as the healthcare industry. Utilizing social media networks can inadvertently [...]

Social Media Warfare: Are you attacking or defending?

Posted: 6th September 2010 by admin in antivirus, Compliance, Entrepreneur, Phishing, risk assessment, Security Assesment, Security Policy, social media, Social network, Web 2.0, Web Security
Tags: Apple, Facebook, Microsoft, Phishing, social media policy, social media security, social media war, Twitter

Image via CrunchBase Is there such a thing as Social Media Warfare? We have had cyber warfare going on for years now. So it should be an obvious “YES” that Social Media warfare exists. But is that true? To get to a full blown war opposing sides go through an escalation process. Where are we [...]

Building a Social Media Policy

Posted: 11th August 2010 by admin in Compliance, Could Computing, Entrepreneur, risk assessment, Security Assesment, Security Policy, social media, Social network
Tags: Facebook, social media, social media policy, social media security, Social network, Twitter

Image by ivanpw via Flickr Social Media Policy Social Media has become part of the user community several years ago. Today we have social media in the corporate environment. The main problem we have is how social media has evolved. It has been a bottom up approach. By bottom up I mean that the consumer [...]

Corporate Reputation Management: Can a company require you register your Social Media Profile with Human Resources?

Posted: 25th May 2010 by admin in Compliance, social media, Social network
Tags: Business, Dave Carroll, Employment, Facebook, Human resources, social media, United Airlines, YouTube

Image via CrunchBase When you join a company, you relinquish certain rights. The workplace is not a democracy. Yet many people still think that their corporate email, their corporate computers and the data they use is “theirs”. Who owns that data? Well the answer is the company. Companies are concerned with data loss prevention. A [...]

Data Lifecycle Management: How to reduce risk, Part 2

Posted: 2nd May 2010 by admin in Compliance, Vendor Risk
Tags: Business, Company, Consultants, Data, Data Lifecycle Management, General and Freelance, Ponemon Institute, security

Data Lifecycle Management: How to reduce risk Part 2 The Data Lifecycle Management (DLM) goes through 5 steps: creation, usage, transport, storage and destruction. Most companies have parts of this lifecycle under control, but that means there are lots of areas for gaps in the control measures that could let a threat affect the data. [...]

Data Lifecycle Management: How to reduce risk (part1)

Posted: 21st April 2010 by admin in Compliance, risk assessment, Security Assesment, Supplier Security, Unstructured Data
Tags: data lifecycle, Data management, risk reduction, security, Technology

The Data Lifecycle goes through 5 steps: creation, usage, transport, storage and destruction.

What are the features you need a Windows Security Host Diagnostic tool?

Posted: 1st April 2010 by admin in Compliance, Could Computing, HIPAA, Managed Security, PCI, risk assessment
Tags: Federal Information Security Management Act of 2002, Health Insurance Portability and Accountability Act, Operating system, Policy

Image via Wikipedia There is a lot of focus on network security and application security today. Years ago it was operating system security that was all the rage. But with the advent of the strict requirements of some of the regulations such as HIPAA, PCI, SOX, and FISMA, more attention needs to be paid to [...]

Washington State implements PCI law

Posted: 30th March 2010 by admin in Compliance, Could Computing, HIPAA, PCI, risk assessment, Security Assesment
Tags: Data security, Minnesota, Payment Card Industry Data Security Standard, security

Image via Wikipedia PCI laws are expanding around the country. Washington State is the latest to add a law to their books. Washington state follows Nevada and Minnesota in implementing Payment Card Industry Data Security Standard (PCI), the law is HB 1149. It changes the breach notification law they already had on the books. The [...]

What are the challenges with protecting electronic documents?

Posted: 29th March 2010 by admin in antivirus, Compliance, Corporate Stupidity, risk assessment, Security Assesment
Tags: Adobe Systems, Apple, Data loss prevention products, Document management system, malware, security

Image via Wikipedia We have seen a lot of problems with Adobe vulnerabilities. Adobe has been getting beat up with all the negative publicity in the past few months. Apple is restricting access to Adobe on their devices. Has anyone tried their remote desktop sharing? I wonder if some vulnerability will be release in that [...]

What is Social Media INSecurity?

Posted: 24th March 2010 by admin in Entrepreneur, Security Assesment, social media, Social network, Web 2.0
Tags: Facebook, Friendster, Google, LinkedIn, MySpace, Online Communities, social media, Twitter

Image via CrunchBase The trends in Social Media are heading towards more sharing of information. But sharing of information has moved beyond your circle of friends and family. Social media is becoming less social and more… well more corporate. Or more like many people shouting in a bar, you are all in close proximity, but [...]

Can you protect yourself on Social Media?

Posted: 1st March 2010 by admin in antivirus, Identity theft, social media, Social network
Tags: antivirus, Antivirus software, Facebook, LinkedIn, malware, MySpace, network security, Phishing, security, social media, Social network, Spyware, Twitter

Image via Wikipedia One of the greatest challenges to privacy and security in the next several years is Social Networks and Social Media. Sites like Facebook, Twitter, LinkedIn, MySpace and others can be the downfall of valuing information. The ability to share and provide information is completely the opposite of network security requirements. This is [...]

Risk Management and Compliance

Pages

Recent Posts

Categories

Blogroll

Archives

Popular Tags

Post Archives