Archive for the ‘Miscellaneous’ Category
Wednesday, January 13th, 2016
In November, some of my friends contacted me, saying they thought I did a pretty good job with my 2015 predictions, and wanted to know what I am predicting for 2016. So here are some good possibilities for the year to come, along with a rewind to see how close I hit the 2015 predictions. (more…)
Friday, May 8th, 2015
What does the past teach us about how to #befutureready in BYOD?
During the last half of the 1990s there was concern about the growing use of employees’ own home desktop computers to dial in to the corporate network from home. Thousands of articles and hundreds of conference sessions discussed the associated risks, and then how to mitigate them through documented policies and the use of new tools. Soon after 2000 passed, the concerns expanded to employees using their personally owned laptops, not only outside of the office, but even bringing them into the facilities to use instead of the corporate-issued computers. Thousands more articles and hundreds more conference sessions discussed how to address the risks. (more…)
Tuesday, October 1st, 2013
“Sometimes I feel like…somebody’s watching me! And I have no privacy!”
(The Rockwell hit from…quite appropriately…1984.)
Each day, we are tracked by the ‘smart’ systems, mobile apps, personal communication devices and other surveillance platforms that have become commonplace in our daily lives. In an effort to educate more people, and businesses, about the data trails they are leaving behind (and the companies, data bureaus and marketers who are sniffing out that trail), I created this new infographic (more…)
Thursday, May 17th, 2012
I was recently speaking with a friend on the phone, and she said, “I just had the most embarrassing thing happen! I had one of my Facebook friends send me a text teasing me about reading a rather sleazy article on TMZ. I did not know what she was talking about! So, I went to my Facebook page, and sure enough, down the timeline there was an article I had only briefly gone to the previous day after clicking a headline about moms on Google News and landed on a page I quickly got off of when I saw it. I was so embarrassed to see that my brief visit to the page had been posted on my Facebook page! I don’t even go to TMZ on purpose, why is Facebook suddenly tattling on me when it accidentally went there?” (more…)
Friday, July 8th, 2011
I just got off a 30-minute call that came unsolicited from a young-sounding man with a very thick Indian accent who, when I asked him his name, said it was Jason Anderson (doesn’t sound like an authentic name of someone from India). He told me he was calling me because there had been a lot of complaints in my area about malicious code damaging operating system software and he wanted to be sure my operating system was not impacted. (more…)
Saturday, February 12th, 2011
I recently engaged in an interesting discussion with Rafal Los about the erosion of privacy as it relates to the Internet in general, and social media sites specifically. I think my readers will find some useful points and insights within our conversation, especially considering the often perceived adversarial relationship between anonymity and privacy. I welcome your feedback!
So here we go… (more…)
Sunday, October 3rd, 2010
As demonstrated over and over again over the past several years, mobile computing devices and storage media present a huge risk to business and personal information. Because of the portability of these devices, organizations are basically entrusting the security of the information stored upon them into the hands of the people using them. It is vital that an effective mobile computing device and storage media security and privacy management program is in place.
A mobile computing device and storage media security and privacy management program should be able to answer the questions: (more…)
Thursday, August 27th, 2009
I’ve had some technical difficulties with my blog site over the past few weeks. I just noticed that all the comments from June 26 through to around the second week of August were lost!
I’m very sad; there were some great comments, insights and links provided within them. To those of you whose comments disappeared, my sincere apologies! I miss being able to see and reference them.
Wednesday, August 19th, 2009
My blog hosting service was down from last Thursday through Monday, so I wasn’t able to post to the blog during that time.
Now my blog service is back, but I’ve been consumed with MSIA teaching, HIPAA/HITECH and PCI work the past few days…plan to get back to regular posting soon! Sorry for what has been my longest blog break ever.
Thursday, June 25th, 2009
Yesterday I read a fascinating story from Australia…
(more…)