Posts Tagged ‘Information Security’

A $1 Billion Access Control Mistake

Monday, September 15th, 2008

It has been widely reported and blogged about how an old United Airlines story was posted with huge stock value loss…

(more…)

Miscellaneous Cybercrime & Privacy Tidbits

Friday, September 12th, 2008

For the last day of Global Security Week (GSW) I’m providing a few items that relate to cybercrime that I find interesting…

(more…)

GSW Logo

Wednesday, September 10th, 2008

I really like the logo for this year’s GSW, and I wanted to include it here for those of you who had not see it…

(more…)

Sloppy Disposal Aids Cybercriminals

Wednesday, September 10th, 2008

For day 3 of Global Security Week I want to talk a little bit about the importance of securely disposing of your papers and storage media that contains personal information…

(more…)

Not Enough Police To Deal With Cybercrime

Monday, September 8th, 2008

Here’s an interesting article about cybercrime to kick off Day 1 of Global Security Week…

(more…)

How Does Your Business Use Customer and Consumer Profiling?

Friday, September 5th, 2008

So, do you know how your business may be using data mining for customer and consumer profiling? Have you talked with your marketing folks about it?
Do you know how the stores you make your purchases from use your information to do customer profiling and other types of data mining? Have you asked them? Chances are the sales staff at the counters and check-outs wouldn’t know, but you could ask the store manager.

(more…)

Not All Privacy Issues Involve PII

Thursday, September 4th, 2008

There’s been a lot in the news over the past few years about customer profiling. The term is used somewhat differently by different groups and the definition often debated. However, the mainstream news media generally uses the term to talk about how companies gather many different types of information related to consumers, and then use that information to make determinations about groups of people in various demographics, and even be able to narrow down certain activities to specific individuals when enough data, and it does not need to be personally identifiable information (PII), is collected.

(more…)

Iowa Land Records Association Posts SSNs…Including The Governor’s…On Their Internet Site

Wednesday, September 3rd, 2008

Okay, here’s another example of a ridiculously dumb privacy breach that occurred, in Iowa this time, through a government agency posting information on the Internet…

(more…)

5 Easy Things To Do for Global Security Week, September 8 – 12

Tuesday, September 2nd, 2008

Next week is Global Security Week!
Do you have anything planned for your organization to help raise the awareness of all types of security issues?
Here are a few ideas I wanted to pass along to you…

(more…)

The Power of Logs: IRS Examiner Sentenced & Fined For Accessing PII Without Authorization

Monday, September 1st, 2008

Now, here’s a great example of an organization actually following through on their procedures to review access logs, and then to apply sanctions and take necessary other actions in response to non-compliance with not only organizational policies, but also with applicable laws…

(more…)