Posts Tagged ‘policies and procedures’
Thursday, August 30th, 2007
A very interesting article in USA Today caught my eye, “Beijing police will patrol Web virtually”
(more…)
Tags:awareness and training, China, Information Security, Internet use, IT compliance, policies and procedures, privacy, risk management, surveillance
Posted in government, Privacy and Compliance | 1 Comment »
Wednesday, August 29th, 2007
I like to run. I try to run almost every day from 3.5 – 6 miles. It stimulates my thinking, refreshes my mind and body, and I truly have the best ideas and thoughts while I’m running. I could not have written my books, chapters and articles if it were not for running.
(more…)
Tags:awareness and training, Information Security, IT compliance, policies and procedures, privacy, risk management, running
Posted in Information Security, Privacy and Compliance, Training & awareness | No Comments »
Tuesday, August 28th, 2007
Well, if you look at the results of my very unscientific poll from last week, it appears there is a very wide range of opinions about the use of social networking sites at work.
(more…)
Tags:awareness and training, facebook, Information Security, IT compliance, MySpace, personally identifiable information, PII, policies and procedures, privacy, risk management, social networking, YouTube
Posted in Information Security, Privacy and Compliance | 2 Comments »
Monday, August 27th, 2007
Tags:awareness and training, Information Security, IT compliance, personally identifiable information, PII, policies and procedures, privacy, risk management
Posted in government, Privacy and Compliance | 2 Comments »
Sunday, August 26th, 2007
I’ve talked several times on this blog about my sons, and how they’ve really resonated with the information security and privacy discussions and information I’ve given them. They notice privacy risks and security problems when we’re out in stores or traveling. They point out problems on the Internet. They won’t let me watch their fingers when they enter their passwords on their membership sites so I won’t discover their passwords…even though they know my parent account has access to change them. 🙂
(more…)
Tags:awareness and training, Howie Day, Information Security, IT compliance, personally identifiable information, PII, policies and procedures, privacy, risk management, social networking sites, social psychology
Posted in Training & awareness | 2 Comments »
Friday, August 24th, 2007
on 8/22/2007 a very interesting and useful report was released by the European Network and Information Security Agency (ENISA), “Information security awareness initiatives: Current practice and the measurement of success.”
(more…)
Tags:awareness and training, data protection law, ENISA, EU Data Protection Directive, European Union, Information Security, IT compliance, personally identifiable information, PII, policies and procedures, PricewaterhouseCoopers, privacy, privacy law, risk management
Posted in Information Security, Privacy and Compliance, Training & awareness | 3 Comments »
Friday, August 24th, 2007
I’m surprised by how different the opinions are for this week’s poll about using social networking sites at work!
If you haven’t clicked a poll button for it yet (see right side of screen and scroll down a little), please do so. It will be interesting to see if the opinions stay so widely scattered by the end of Sunday.
Tags:awareness and training, facebook, Information Security, IT compliance, MySpace, policies and procedures, privacy, risk management, social networking
Posted in Information Security | No Comments »
Friday, August 24th, 2007
We had some horrendous storms here in Iowa this week. Last night was a doozy! The lightning unrelenting, the winds horrific, and tornado spottings were peppered across the southern half of Iowa.
(more…)
Tags:awareness and training, backup, business recovery, dial-up access, disaster plan, Information Security, IT compliance, policies and procedures, privacy, risk management
Posted in Information Security | No Comments »
Thursday, August 23rd, 2007
As a follow-up to my blog posting yesterday, I wanted to point out that the European Union (EU) Data Protection Authorities (DPAs) have been very active in pursuing data protection law compliance.
(more…)
Tags:Article 29 Working Party, awareness and training, data protection law, EU Data Protection Directive, European Union, Information Security, IT compliance, policies and procedures, privacy, privacy law, risk management
Posted in Privacy and Compliance | No Comments »
Wednesday, August 22nd, 2007
Multi-national organizations doing business in Europe must know and understand not only their obligations to protect personally identifiable information (PII) under the European Union (EU) Data Protection Directive 95/45/EC, but they must also know and understand the data protection laws within each of the EU member countries.
(more…)
Tags:awareness and training, data protection law, EU Data Protection Directive, European Union, Information Security, IT compliance, policies and procedures, privacy, privacy law, risk management
Posted in Laws & Regulations, Privacy and Compliance | No Comments »
