Posts Tagged ‘change controls’

It is Time to Set Social Media Rules

Sunday, June 28th, 2015

Over the past couple of weeks, I have spent a lot of time speaking with one of my clients about social media and posts from employees and contractors that may have a negative impact on the business. And the client is right to be concerned.

Most businesses are now using social media sites to communicate with their customers, potential customers, patients, employees, and everyone in between. However, such communications can often go awry at best, and result in privacy and security violations at worst. Here are just a few examples of what can go wrong. (more…)

Change Controls Are Still Necessary

Friday, June 5th, 2015

In the past week I helped a client whose programming staff had just caused a business disruption for the fifth time in two months because of the changes they made in the program code of their online service. The programmers, and so many of my other clients, have expressed the opinion that they can just code something and plop it out into production, without testing. And then they try to tell me that is “agile programming.” No, it is not. It is unsecure and, quite frankly, lazy programming. (more…)

Is Frictionless Sharing Like Digital Privacy Cancer?

Thursday, May 17th, 2012

I was recently speaking with a friend on the phone, and she said, “I just had the most embarrassing thing happen!  I had one of my Facebook friends send me a text teasing me about reading a rather sleazy article on TMZ. I did not know what she was talking about! So, I went to my Facebook page, and sure enough, down the timeline there was an article I had only briefly gone to the previous day after clicking a headline about moms on Google news and landed on a page; I quickly got off of when I saw it. I was so embarrassed to see that my brief visit to the page had been posted on my Facebook page! I don’t even go to TMZ on purpose, why is Facebook suddenly tattling on me when it accidentally went there?” (more…)

Big Brother Likes Big Data – Balancing Privacy with Innovation

Wednesday, May 2nd, 2012

My 12-year-old son said to me yesterday after getting home from school, “Hey, Mommy, did you know that Wal-Mart can tell when you’re pregnant? And so can Target!  Even before anyone else knows! They got a girl in trouble when they sent her dad coupons for baby stuff and congratulated her!”

Me, “That’s pretty incredible, isn’t it?  Companies are able to discover things like that about people more than ever before through analyzing what is called ‘Big Data’.”

Son, “That’s really creepy. I think you should (more…)

Back to the Future Security Basics: Security through Obscurity Still Does Not Work

Tuesday, April 17th, 2012

Last week I provided Howard Anderson at HealthInfosecurity.com with some of my thoughts about the recent Utah Department of Health breach of the files of 900,000 individuals, and counting. He included some of my thoughts in his blog post, along with thoughts from others. I wanted to provide my full reply here, along with some expanded thoughts.

As background, for those of you who may not have heard of this hack yet, in a nutshell: (more…)

Improve Program Change Controls To Reduce Incidents

Monday, April 21st, 2008

Recently in my Norwich MSIA class we were discussing the importance of program change controls, and I wanted to continue the discussion here because as important as it is, it typically does not get the attention it deserves in most organizations.

(more…)