Every month, and sometimes weekly, I see a privacy breach that is a result of a messaging mistake. People need to be more careful about all the types of electronic messages they are sending and not so quick to hit that send button!
Here is the fourth, and final, part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
Posts Tagged ‘privacy training’
Think and Look Before You Send that Quick Message!
Wednesday, June 11th, 2008Think and Look Before You Send that Quick Message!
Wednesday, June 11th, 2008Every month, and sometimes weekly, I see a privacy breach that is a result of a messaging mistake. People need to be more careful about all the types of electronic messages they are sending and not so quick to hit that send button!
Here is the fourth, and final, part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
Let Your Personnel Know Their Messaging Boundaries
Tuesday, June 10th, 2008Here is the third part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
Sending Clear Text Customer Information Is Not Okay Just Because the Customer Says It’s “Okay”
Monday, June 9th, 2008As a follow-up to my blog post from last Friday, here is the second part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
Sending Clear Text Customer Information Is Not Okay Just Because the Customer Says It’s “Okay”
Monday, June 9th, 2008As a follow-up to my blog post from last Friday, here is the second part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy“…
Something To Tell Your Personnel: Messaging Includes More Than Email
Friday, June 6th, 2008My June issue of “IT Compliance in Realtime” journal is hot off the press!
I’ve heard from some of you that when I post the articles from my journal that the posts are too long. So, what I will do from now on is to break up the articles into smaller postings to make them easier, and faster, to read.
Here is the first part of the first article within the June journal, “What to Tell Personnel: Messaging Security and Privacy”…
Insider Threat Example: Coworkers Accessing Other Coworkers’ Email Messages
Tuesday, June 3rd, 2008Back in the mid-1990’s, a middle manager knew that the print queue messages for all the emails in the large organization were viewable in clear text; all you had to know was which printer queue to open. He would lurk in the print queues each day, all day, for all the printers all the other middle managers, and executives, used, and he would copy all the email messages he found that could be “advantageous” to his career. He amazed a lot of people by always seeming to know what was going on before anyone else did.
I was reminded of this particular mole-manager as I just read a news story, “Philly News Anchor Target in FBI Probe: FBI Investigates Anchor in Suspected Hacking of Fired Co-Anchor’s E-mail”
How To Create Information Security & Privacy Case Studies
Monday, June 2nd, 2008Over the years I’ve done a lot of information security, privacy and compliance training and awareness activities; content creation, delivery, tools, and a large variety of other related activities. I’ve found doing case studies to be one of the most effective, and most interesting and popular, type of training activity.
I’ve created dozens, and perhaps even hundreds, of case studies throughout the years. Case studies engage your personnel in thinking in ways that just telling them information cannot do, noticeably change their work habits, and measurably impact their opinions about information security and privacy.
In the third article of the May 2008 issue of my IT Compliance in Realtime Journal, “Creating Effective Case Studies for Information Security and Privacy Training” I provide direction for how to create effective case studies within any type of organization.
The following is an unformatted copy of the article, without the sidebar information and illustrations; download the PDF version of the article to see those…
Privacy and Security Lost And Found
Monday, April 14th, 2008Today I’ve been participating in a very interesting discussion on the Security Catalyst Community about a very interesting project that Scott Wright is doing with Honey Sticks at his site.
Part of the discussion led to the possibility that one of the Honey Sticks that Scott had planted in a hotel, and had been “activated,” may have been turned in to the hotel’s lost and found.
Some more information and ideas for Data Privacy Day, January 28
Sunday, January 27th, 2008Last Thursday I posted about how tomorrow (1/28) is International Data Privacy Day.
I was delighfully surprised to receive an email in response to my blog post from Leonardo Cervera, the coordinator of Data Privacy Day 2008! Be sure to check out his site to find comprehensive information about all the activities being done for Data Privacy Day, as well as seeing the world-wide support Data Privacy Day is being given…it is good to see government agencies and large corporations acknowledging the importance of preserving privacy.
