Social Media Policy
Social media became part of the user community several years ago. Today we have social media in the corporate environment. The main problem we have is how social media has evolved. It has been a bottom-up approach. By bottom-up I mean that the consumer [...]
Archive for the ‘Security Assessment’ Category
Data Lifecycle Management: How to reduce risk (part 1)
Posted: 21st April 2010 by admin in Compliance, Security Assessment, Supplier Security, Unstructured Data, risk assessment. Tags: data lifecycle, Data management, risk reduction, security, Technology
The Data Lifecycle goes through 5 steps: creation, usage, transport, storage and destruction.
Washington State implements PCI law
Posted: 30th March 2010 by admin in Compliance, Cloud Computing, HIPAA, PCI, Security Assessment, risk assessment. Tags: Data security, Minnesota, Payment Card Industry Data Security Standard, security
PCI laws are expanding around the country. Washington State is the latest to add a law to its books. Washington State follows Nevada and Minnesota in implementing the Payment Card Industry Data Security Standard (PCI); the law is HB 1149. It changes the breach notification law they already had on the books. The [...]
What are the challenges with protecting electronic documents?
Posted: 29th March 2010 by admin in Compliance, Corporate Stupidity, Security Assessment, antivirus, risk assessment. Tags: Adobe Systems, Apple, Data loss prevention products, Document management system, malware, security
We have seen a lot of problems with Adobe vulnerabilities. Adobe has been getting beaten up with all the negative publicity in the past few months. Apple is restricting access to Adobe on their devices. Has anyone tried their remote desktop sharing? I wonder if some vulnerability will be released in that [...]
What is the value of a Data Breach?
Posted: 27th January 2010 by admin in Compliance, HIPAA, Hacking News, PCI, Security Assessment. Tags: Citibank, Data Breach, Health Insurance Portability and Accountability Act, Ponemon Institute, Pretty Good Privacy
SC Magazine just reported that the Ponemon Institute has determined the cost of a data breach is $204 per record. “Data breaches last year cost organizations $204 per exposed record on average, which represents an almost two percent increase over 2008, according to the fifth annual “Cost of Data [...]
FTC’s Additional Rules for HIPAA Security
Posted: 23rd August 2009 by admin in Compliance, Government Security, HIPAA, Security Assessment, risk assessment. Tags: Federal Trade Commission, Health care, Health Insurance Portability and Accountability Act, security rule
The Federal Trade Commission (FTC) recently issued a rule which gives more scope to the data breach notification rules as part of the Health Insurance Portability and Accountability Act (HIPAA). The addition targets companies that provide health info in an online storage facility. Things like Google Health or Healthvault [...]
Data Loss, this time with Network Solutions
Posted: 27th July 2009 by admin in Hacking News, PCI, Security Assessment, Web Security, malware. Tags: data loss, network solutions, stolen data
Network Solutions, one of the largest domain registrars, recently announced a data breach. Malicious code was found on its e-commerce server which may have captured transactions from thousands of websites, capturing half a million or more credit cards. The company said they found the code during a [...]
Data Breaches are still misunderstood
Posted: 19th July 2009 by admin in Compliance, Corporate Stupidity, Security Assessment, antivirus. Tags: breach data, data loss, security metrics
The Ponemon Institute and Ounce Labs (www.ouncelabs.com) released a study on the view CEOs have regarding data protection in their environment. In the study of 213 CEOs and other senior executives, CEOs and their executives did not share the same view on how secure their organization is. 92 percent of respondents said they were attacked. [...]
HIPAA Assessments are the next wave
Posted: 12th July 2009 by admin in Compliance, Government Security, HIPAA, Security Assessment. Tags: data theft, hipaa security, Managed Vulnerability Scanning, Website security
In February, CVS was ordered to pay a fine of 2.5 million dollars by the FTC. This fine was because their employees threw out personal information about patients. Who knew poor recycling programs could cost so much? HIPAA has been around for a number of years but not until recently did we see that it has [...]
Vanguard Security Conference – Supplier Security
Posted: 2nd June 2009 by admin in Security Assessment, Supplier Security. Tags: antivirus, Code review, hacker, Identity theft, Managed Vulnerability Scanning, Supplier Security, web security, Website security
I spoke yesterday at the Vanguard Security Conference (http://www.go2vanguard.com). Vanguard has been doing this conference for a number of years. The focus is on mainframe security. Most security professionals these days have never worked on MF security. I am proud to say I have, back in the mid-90s. Well, perhaps I shouldn't be so happy, [...]