I’m always interested in reading about information security and privacy issues reported here in the heartland.
A story in my local daily paper, the Des Moines Register, caught my eye and filled my thoughts today and points out, among other things, the importance of having policies and communicating them.
Archive for May, 2007
The Importance of Policies…Breathalyzer = Drug Test = Physical Search = 4th Amendment Violation?: Iowa High School Students Given Breathalyzer Tests at the Prom
Thursday, May 10th, 2007Two U.S. Federal Data Protection Bills Approved: One May Actually Make It Through
Wednesday, May 9th, 2007It looks like we make actually get a federal data protection law, that includes breach notice requirements, this year. Such a law is long overdue; not only to protect personally identifiable information (PII), but also to help businesses to resolve their growing headaches involved with trying to comply with at least 36 state breach notice laws as well as dozens of other state level data protection and credit freeze laws, and multiple industry-specific data protection laws.
Deadline is Today for Submitting Comments to the DHS About Draft REAL ID Rules
Tuesday, May 8th, 2007The Department of Homeland Security (DHS) published draft rules regarding REAL ID. Comments are due by 5:00 PM Eastern Time *TODAY*.
France Fines Tyco Healthcare: U.S. Companies, You MUST Know and Follow International Data Protection Laws
Monday, May 7th, 2007In April the French Data Protection Authority (CNIL) reported they had issued a $40,972 fine against a subsidiary of U.S.-based Tyco Healthcare in March for inadequate storage safeguards and cross-border transfer of employee personally identifiable information (PII).
Data Security: OECD Publishes New Privacy Guidelines for Accessing Data From Publicly Funded Research Projects
Sunday, May 6th, 2007On May 3 the Organization for Economic and Cooperation and Development (OECD) released a new 24-page guideline,”Principles and Guidelines for Access to Research Data from Public Funding” for organizations in governments throughout the world regarding access to data from publicly funded research projects.
Data Security: OECD Publishes New Privacy Guidelines for Accessing Data From Publicly Funded Research Projects
Sunday, May 6th, 2007On May 3 the Organization for Economic and Cooperation and Development (OECD) released a new 24-page guideline,”Principles and Guidelines for Access to Research Data from Public Funding” for organizations in governments throughout the world regarding access to data from publicly funded research projects.
Iowa Student Gets Internship from Google for Reporting Security Flaw: More Proof Vendors Need Stronger Security Checking For Their Products
Saturday, May 5th, 2007Last night while my sons and I were watching the news it was reported that in Davenport, Iowa a St. Ambrose University student, David Bloom, found a security flaw in early December when he was using the Google Docs and Spreadsheets program.
Employee Privacy & New Credit Check Law In Washington State Impacts Employers: Joins Similar Laws In 4 Other States
Friday, May 4th, 2007Doing background checks on potential employees, and regularly for certain positions with significant access to personally identifiable information (PII) or managemen capabilities, has been a growing trend in recent years. Such checks are viewed as ways to help prevent putting untrustworthy and significant at-risk individuals into positions where they could perform malicious and/or criminal activities.
Reducing Attack Exposure for Internet-Facing Applications
Thursday, May 3rd, 2007Yesterday the Channel 12 news in Jackson, Mississippi reported a Kennesaw, Georgia business had its Internet-facing computer system hacked. That business’s application is “now generating thousands of counterfeit messages to businesses and consumers, purporting to be a complaint filed with the BBB.”
New Study: More Confirmation That Spam Costs Businesses Significant $$
Wednesday, May 2nd, 2007On April 2 Nucleus Research, Inc. released a study, “Spam: The Repeat Offender” which reports that, according to a survey of 849 email users, 90% of all email going into company networks is spam, and 66% of spam gets through corporate filters.