Posts Tagged ‘government’

Office Email Systems Are Not For Personal Use: Common Sense Reminders For Your Employees

Sunday, March 4th, 2007

Sunday the New York Times printed a nice article about email privacy and monitoring, “The Risk Is All Yours in Office E-Mail

(more…)

Addressing Web-Based Access and Authentication Challenges

Friday, March 2nd, 2007

Many incidents occur through access control and authentication vulnerabilities. Just consider the recently reported Fruit of a Loom incident that allowed easy access to 1,006 names and Social Security numbers of former employees. It is likely poorly constructed and inadequately tested applications controls resulted in this breach, not unlike so many other breaches that have occurred.

(more…)

U.S. Federal CIOs More Concerned About Information Security and Privacy Than In the Past

Wednesday, February 28th, 2007

Monday (2/26) the ITAA issued a press release reporting the resuults of a survey of 47 government CIOs.
They found that:

(more…)

Legislation Passed to Strengthen Bush’s Privacy and Civil Liberties Oversight Board

Tuesday, February 27th, 2007

On February 15 the Senate Homeland Security and Governmental Affairs Committee approved legislation with provisions to strengthen President Bush’s Privacy and Civil Liberties Oversight Board. The provisions were part of a bill, the “Improving America’s Security Act of 2007” (S. 4), aimed at implementing unfulfilled recommendations of the 9/11 Commission. Full text of the 227-page S. 4 bill is available online.

(more…)

U.S. Privacy Related Bills Introduced February 15 & 16

Monday, February 26th, 2007

Before the U.S. House adjourned Febuary 16 and the Senate adjourned February 17 for a week-long recess, they submitted some bills with privacy impacts.

(more…)

U.S. Privacy Related Bills Introduced February 15 & 16

Monday, February 26th, 2007

Before the U.S. House adjourned Febuary 16 and the Senate adjourned February 17 for a week-long recess, they submitted some bills with privacy impacts.

(more…)

Exploring Identity Verification Solutions and Identity Theft Prevention

Friday, February 23rd, 2007

Earlier this week the FTC announced in a press release an identity theft prevention workshop they are hosting April 23 – 24.

(more…)

Audit Reveals Poor Computer & Data Disposal Practices At Idaho National Laboratory

Thursday, February 22nd, 2007

Yesterday Government Computer News reported bad computer disposal methods at the Idaho National Laboratory that leaves confidential and restricted data, including nuclear details, vulnerable.

(more…)

Laptop Theft: Financial Company Given $1.9 Million Penalty Following Incident for Inadequate Security Program

Tuesday, February 20th, 2007

For the first time, the United Kingdom financial regulators, the U.K. Financial Services Authority (FSA), gave a financial institution, the Nationwide Building Society, the U.K.’s largest “building society” (a member-owned mortgage lending and banking services institution) a penalty for poor data security, issuing a ¬£980,000 ($1.9 million) fine based on their response to the 2006 theft of a laptop computer containing sensitive customer data according to a February 14 notice from the FSA.

(more…)

VA Suspends Medical Research Following Most Recent Breach Until Security Certification Is Obtained

Sunday, February 18th, 2007

Saturday, 2/17/07, it was widely reported that the U.S. Veterans Affairs (VA) was suspendingactivities at seven specialized research centers across the country after an unprotected computer hard drive disappeared from one of the facilities in Alabama last month.”

(more…)