Posts Tagged ‘monitoring’
Wednesday, May 1st, 2013
A new data breach research report is out, and it is a good read. This is the annual Experian/Ponemon Institute “Is Your Company Ready for a Big Data Breach?” report. I want to focus on one of the findings in that report: that most organizations are not willing to assist those affected by a breach of their personal information.
Tags:audit, awareness, breach, breach notice, breach study, compliance, customer service, data protection, e-mail, electronic mail, email, employees, employment, Experian, facebook, FINRA, HIPAA, hiring, HITECH, HR, human resources, IBM, Information Security, information technology, infosec, insider threat, insider trading, IT security, job applicants, messaging, midmarket, monitoring, non-compliance, personal information, personally identifiable information, personnel, PHI, PII, policies, policy management, ponemon, privacy, privacy breach, privacy laws, privacy practice, privacy professor, privacyprof, Rebecca Herold, Red Flags, risk, risk assessment, risk management, security, sensitive personal information, social media, social network, SPI, surveillance, systems security, training, twitter, walk through
Posted in Privacy and Compliance, Privacy Incidents | No Comments »
Monday, April 29th, 2013
Allowing a Wall Street privacy law exemption is crazy! Why, you ask? Why, I’m happy to explain. In March 2012, I wrote “6 Good Reasons NOT To Ask for Facebook Passwords”. Since that time, legislation prohibiting employers from requiring access to the protected areas of their employees’ social media accounts has been introduced or is pending in at least 35 states. Three states–Arkansas, New Mexico and (more…)
Tags:audit, awareness, breach, compliance, data protection, e-mail, electronic mail, email, employees, employment, exception management, facebook, FINRA, hiring, HR, human resources, IBM, Information Security, information technology, infosec, insider threat, insider trading, IT security, job applicants, messaging, midmarket, monitoring, non-compliance, personal information, personally identifiable information, personnel, PHI, PII, policies, policy exception, policy management, privacy, privacy breach, privacy laws, privacy professor, privacyprof, Rebecca Herold, Red Flags, risk, risk assessment, risk management, security, sensitive personal information, social media, social network, SPI, surveillance, systems security, training, twitter, walk through
Posted in Laws & Regulations, privacy | No Comments »
Thursday, July 17th, 2008
Okay, why would a large city like San Francisco make such a silly, preventable mistake as allowing one employee to establish a super user type of account and then lock everyone else out of the government network?
“Hacker Holds Key to City’s Network: An Alleged Hacker Won’t Reveal Secret Password to Unlock San Francisco’s Network”
Tags:awareness and training, Gavin Newsom, Information Security, insider threat, IT compliance, logging, Mark Jacobs, monitoring, policies and procedures, privacy training, risk management, security training, separation of duties, Terry Childs
Posted in government, Information Security | 1 Comment »
Sunday, November 11th, 2007
I just read about a French Supreme Court decision made on October 10 (you can see a Google English rough translation of it here) that is significant to organizations that have employees in France, or anywhere worldwide for that matter, and to those organizations’ employee monitoring practices.
Tags:awareness and training, court decision, employee monitoring, French Supreme Court, Information Security, IT compliance, logging, monitoring, policies and procedures, privacy, privacy training, risk management, security training
Posted in government, Laws & Regulations, Privacy and Compliance | No Comments »
Wednesday, June 27th, 2007
Over the weekend a news story appeared in Australia about something that I’m sure is occurring in MANY other organizations, far beyond just schools: “Teachers being secretly filmed by students”
Tags:awareness and training, cell phones, Information Security, IT compliance, monitoring, MySpace, policies and procedures, privacy, risk management, surveillance, YouTube
Posted in Information Security, Privacy and Compliance, Privacy Incidents | No Comments »
Saturday, April 28th, 2007
Today I read with interest an article in the U.K.’s Guardian Unlimited, “Surveillance ‘intrudes on our lives’.”
I am doing some research into various surveillance methods, such as with CCTV, key loggers, and other methods of surreptitiously recording the activities of individuals, typically without their consent, and often without their knowledge.
Tags:awareness and training, CCTV, data mining, Information Security, IT compliance, logging, monitoring, policies and procedures, privacy, risk, surveillance
Posted in Information Security, Laws & Regulations, Privacy and Compliance, Privacy Incidents | 2 Comments »
Wednesday, April 4th, 2007
I have seen organizations where management and staff members were so fixated on protecting the company, to the disregard of observing laws and complying with policies, that they ended up taking completely inappropriate actions that infringed on privacy and broke laws.
Tags:awareness and training, Information Security, insider threat, IT compliance, monitoring, privacy, privacy breach, surveillance, Wal-Mart
Posted in Information Security, Privacy and Compliance, Privacy Incidents | No Comments »
Monday, March 5th, 2007
Today CNN reported Wal-Mart fired a systems technician who was “intercepting text messages of people who were not Wal-Mart employees and for recording telephone conversations with a New York Times reporter without authorization.”
Tags:awareness and training, Information Security, insider threat, IT compliance, monitoring, privacy, privacy breach, surveillance
Posted in Information Security, Privacy and Compliance, Privacy Incidents | No Comments »
Tuesday, January 16th, 2007
There was a very interesting article in the Washington Post today, “Enjoying Technology’s Conveniences But Not Escaping Its Watchful Eyes”
This documentary of a day in the life of a woman shows how privacy issues are encountered throughout the day, and how virtually all of us leave a bit of ourselves, and along with it our privacy, whenever we get online, make purchases from stores, make phone calls, or do any number of things in virtually any place.
Tags:awareness and training, call records, e-mail, encryption, government, GPS, Information Security, IT compliance, laptops, monitoring, policies and procedures, privacy, RFID, search engines, social engineering, surveillance
Posted in Information Security, Privacy and Compliance | No Comments »