Archive for March, 2007

Norwich University Fifth Annual Information Assurance Student Symposium: March 27

Friday, March 23rd, 2007

I am very honored to be an adjunct professor for the Norwich Master of Science in Information Assurance (MSIA) program.
In this role I’m also fortunate to be able to work with Dr. Mich Kabay, who is the MSIA Program Director.

(more…)

Addressing Image Spam

Thursday, March 22nd, 2007

Have you noticed an increasingly large number of email messages coming into your inbox that have the text information imbedded within graphic images? I have, and they really bug me. I know they irritate many of my information assurance professional colleagues as well. Some of these spam messages are very creative. All clutter my already overflowing email. They waste precious storage, and also clog bandwidth on enterprise networks. This is image spam.

(more…)

Most U.S. Government Agencies Still Not E-FOIA Compliant 10 Years Following Enactment; Disregard for Laws Also Leads to Disregard for Security Requirements

Wednesday, March 21st, 2007

On March 12 the National Security Archive at George Washington University issued their report, “The Knight Open Government Survey 2007.”
Basically the study looked at how many of the 149 U.S. government agencies they surveyed were in compliance with the provisions of the Electronic Freedom of Information Act (EFOIA) here at the 10 year anniversary of the Act going into effect.

(more…)

Tuesday, March 20th, 2007

Technorati Profile

Iowa Breach Notification Bill; Emphasizes Need for Documented Security Policies and Breach Plans & Establishes “Identity Theft Passport”

Tuesday, March 20th, 2007

An omnibus data security bill, H.F. 655 was introduced March 5 in the Iowa House by representatives Beth Wessel-Kroeschell (D) and Paul Shomshor (D).

(more…)

Iowa Breach Notification Bill; Emphasizes Need for Documented Security Policies and Breach Plans & Establishes “Identity Theft Passport”

Tuesday, March 20th, 2007

An omnibus data security bill, H.F. 655 was introduced March 5 in the Iowa House by representatives Beth Wessel-Kroeschell (D) and Paul Shomshor (D).

(more…)

Over 100 FACTA Lawsuits Filed in California Against Businesses Printing PII on Receipts; Are You In Compliance With All FACTA Requirements?

Monday, March 19th, 2007

I read with interest an article in today’s issue of the BNA Privacy and Security Law Report about over 100 lawsuits that have recently been filed within the California federal courts because of the amount of personally identifiable information (PII) that is printed on credit and debit card receipts.

(more…)

Over 100 FACTA Lawsuits Filed in California Against Businesses Printing PII on Receipts; Are You In Compliance With All FACTA Requirements?

Monday, March 19th, 2007

I read with interest an article in today’s issue of the BNA Privacy and Security Law Report about over 100 lawsuits that have recently been filed within the California federal courts because of the amount of personally identifiable information (PII) that is printed on credit and debit card receipts.

(more…)

Phishing for Taxpayers’ Personal Information

Saturday, March 17th, 2007

I just finished my 2006 income taxes this morning…something I absolutely HATE doing! I just hate all the forms and paperwork, all the time involved, and always keeping track of that important receipt for business software or hardware that somehow got lost or wedged in some deep dark corner of a drawer.
I’m not against taxes, per se; they are an important part of maintaining public services. But I hate how the tax laws change every year, all the odd new taxes for business owners each year, and how many strange new exemptions seem to always pop up every year, but primarily for the big organizations. I am a company of one for my information security, privacy and compliance business, and I am a company of two for my farm. Between the two there are what seems to be around a hundred different forms to fill out, and always different in little ways each year. So, I hate the time it takes to do taxes, but at the same time I am very thankful to be able to have businesses that otherwise allow me to do work I love.

(more…)

Vulnerabilities of Transport Services & Privacy Incident Example: Wellpoint CD Containing PII of 75,000 People, Lost During UPS Transport, Found

Friday, March 16th, 2007

A CD containing the clear text personal information of 75,000 WellPoint Empire Blue Cross and Blue Shield New York members that was reported lost on February 9 while being transported by UPS has been found.
The CD was lost when one of Wellpoint’s outsourced vendors, Health Data Management Solutions, sent the CD via UPS to Magellan Behavioral Health Services.

(more…)