Archive for the ‘Information Security’ Category
Monday, July 9th, 2007
This weekend there was a lot of attention on the environmental crisis facing the planet. There was the Live Earth concert on 07/07/07. Tonight the news was filled with more talk of new laws and initiatives, such as banning bottled water in restaurants in some of the states.
Tags: awareness and training, corporate governance, encryption, Information Security, IT compliance, Live Earth, mobile computing, privacy, work from home
Posted in Information Security, Miscellaneous | No Comments »
Saturday, July 7th, 2007
I’ve always been fascinated with numbers. Math has always been fun, and one of my degrees is in math. I’ve never really studied numerology, but today’s date, 07/07/07, only happens once each century, and it is interesting to see how many people are celebrating it in various ways.
Tags: awareness and training, corporate governance, cybercrime, Information Security, IT compliance, Live Earth, privacy, social engineering
Posted in Information Security, Miscellaneous | No Comments »
Friday, July 6th, 2007
I love my dialup! Yes, I mean dialup Internet connection. I’ve been on a broadband wireless connection via a satellite on my roof for a little over a year, but I kept my dialup account just in case I ever needed a backup. Today I needed a backup.
Tags: awareness and training, corporate governance, Cutter Consortium, dialup, disaster recovery, emergency management, emergency planning, Information Security, IT compliance
Posted in Information Security | No Comments »
Tuesday, July 3rd, 2007
I’ve been working in my home office for around 7 1/2 years, being able to do most of my project work from home, which I’m thankful for. During that time my now 10-year-old and 7-year-old (he’ll remind you he turns 8 next month) sons have been around me quite a bit as I do my work. So I discuss a lot of what I do with them, they ask a lot of questions, and they soak a whole lot more into their brains than I realize. Especially over summer when they are at home with me virtually all day every day.
Tags: awareness and training, copyrights, Information Security, intellectual property, IT compliance, online scams, phishing, policies and procedures, privacy, risk management, trademarks
Posted in Information Security, Privacy and Compliance, Training & awareness | 3 Comments »
Monday, July 2nd, 2007
I speak with many organizations that have customers throughout the world, often via their ecommerce websites, and an alarmingly large number of these organizations are completely unaware of the data protection laws they must follow in the countries where their customers are from. When the privacy commissioners from these other countries discover the organizations not following the laws, the organizations can suffer substantial financial impact on their businesses, not only from fines but, typically more significantly, from bad press and from orders to discontinue business within the country until their business activities, policies and processes comply with the requirements.
Tags: awareness and training, Information Security, IT compliance, Littlewoods Shop Direct Home Shopping, opt-out, Orange Personal Communication Services, personally identifiable information, PII, policies and procedures, privacy, risk management, U.K. Data Protection Act
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »
Thursday, June 28th, 2007
Much is written about the many different ways in which sensitive data is leaked…and yes, there certainly are MANY ways!
Something I noticed once more today while I was doing some online research was the incredibly large amount of personally identifiable information (PII) I found within the PDFs I discovered during my searches.
Tags: awareness and training, Information Security, IT compliance, metadata, PDF, Planet PDF, policies and procedures, privacy, risk management
Posted in Information Security, Privacy and Compliance | No Comments »
Wednesday, June 27th, 2007
Over the weekend a news story appeared in Australia that I’m sure is occurring in MANY other organizations, far beyond just schools: “Teachers being secretly filmed by students.”
Tags: awareness and training, cell phones, Information Security, IT compliance, monitoring, MySpace, policies and procedures, privacy, risk management, surveillance, YouTube
Posted in Information Security, Privacy and Compliance, Privacy Incidents | No Comments »
Tuesday, June 26th, 2007
Here’s a great conversation starter for a nice chat with your business leaders: “The FBI has found over 1 million computers are controlled by criminal botnets.”
Be prepared to answer some follow-up questions from your business leaders after telling them this, such as…
Tags: awareness and training, botnet, cybercrime, FBI, Information Security, IT compliance, malware, policies and procedures, privacy, risk management
Posted in Information Security, Training & awareness | 1 Comment »
Tuesday, June 26th, 2007
Tags: AOL, awareness and training, CAN-SPAM, FBI, Information Security, IT compliance, Jeffrey B. Goodin, Ontario Police Department, phishing, policies and procedures, privacy, risk management
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »
Monday, June 25th, 2007
Every week…sometimes daily…it seems there is a new type of social engineering attack targeting specific groups. The social engineering fraudsters are pretty creative and many are adept at exploiting the vulnerabilities and weaknesses of these groups. They use face-to-face methods, phone calls, email messages, faxes, and any other communication path that could take them to a willing victim.
Tags: American Red Cross, awareness and training, FTC, Information Security, IT compliance, phishing, policies and procedures, privacy, risk management, social engineering
Posted in Information Security, Privacy Incidents, Training & awareness | 12 Comments »