Posts Tagged ‘privacy’
Sunday, October 3rd, 2010
As demonstrated over and over again over the past several years, mobile computing devices and storage media present a huge risk to business and personal information. Because of the portability of these devices, organizations are basically entrusting the security of the information stored upon them into the hands of the people using them. It is vital that an effective mobile computing device and storage media security and privacy management program is in place.
A mobile computing device and storage media security and privacy management program should be able to answer the questions: (more…)
Tags:awareness and training, compliance, Information Security, mobile computing, mobile security, privacy, Rebecca Herold, security, security training, wireless
Posted in Information Security, Laws & Regulations, Miscellaneous, mobile computing, Privacy and Compliance, Training & awareness | 2 Comments »
Monday, July 6th, 2009
It is nice to have scientific evidence of what we’ve been telling business leaders ever since they wanted to start using SSNs as identifiers and passwords!
Today Carnegie Mellon University (CMU) released a very revealing report, “Predicting Social Security numbers from public data” I want to expand upon some of the issues covered within it, and then urge you to communicate effectively to your business leaders the related concerns of your organization…
(more…)
Tags:awareness and training, Carnegie Mellon, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training, social security number, SSN
Posted in Information Security, Privacy and Compliance | No Comments »
Monday, July 6th, 2009
It is nice to have scientific evidence of what we’ve been telling business leaders ever since they wanted to start using SSNs as identifiers and passwords!
Today Carnegie Mellon University (CMU) released a very revealing report, “Predicting Social Security numbers from public data” I want to expand upon some of the issues covered within it, and then urge you to communicate effectively to your business leaders the related concerns of your organization…
(more…)
Tags:awareness and training, Carnegie Mellon, CMU, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training, social security number, SSN
Posted in Information Security, Privacy and Compliance | 1 Comment »
Monday, February 16th, 2009
On February 12 the U.S. Federal Trade Commission (FTC), the most actively aggressive oversight agency in the U.S. with regard to enforcing privacy protections, released new behavioral advertising principles…
(more…)
Tags:awareness and training, behaviorial advertising, compliance, FTC, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy principles, privacy training, risk management, security training
Posted in government, Laws & Regulations, Privacy and Compliance | No Comments »
Sunday, February 15th, 2009
Cloud computing is an attractive, low-cost means of collaboration. But have you considered the risks involved with placing documents with PII “in the cloud”?
The monthly column I wrote for the December 2008 CSI Alert was, “Cloudy Privacy Computing.” Here’s the first section…
(more…)
Tags:awareness and training, cloud computing, compliance, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training
Posted in Information Security, Privacy and Compliance | No Comments »
Wednesday, December 24th, 2008
Here’s a great article for Christmas Eve that covers a wide range of surveillance tools and techniques that are increasingly used by governments, law enforcement, employers, suspicious spouses, etc, etc, etc…
(more…)
Tags:awareness and training, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, Santa, security training, surveillance
Posted in Miscellaneous, Privacy and Compliance | No Comments »
Wednesday, December 17th, 2008
Today the U.S. Federal Trade Commission (FTC) released a new report about social security numbers (SSNs), identity theft, and recommended 5 ways to help prevend having SSNs being used for identity theft…
(more…)
Tags:awareness and training, FTC, identity theft, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training, social security number, SSN
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »
Tuesday, December 16th, 2008
Another real-life example to show the importance of having effective policies and procedures in place for not only information disposal, but also for the disposal of computers and storage media…
(more…)
Tags:awareness and training, disposal, Information Security, IT compliance, IT training, McCain, Palin, policies and procedures, privacy, privacy incident, privacy training, risk management, security training
Posted in Information Security, Privacy and Compliance, Privacy Incidents | No Comments »
Friday, September 12th, 2008
For the last day of Global Security Week (GSW) I’m providing a few items that relate to cybercrime that I find interesting…
(more…)
Tags:awareness and training, cybercrime, Donn Parker, Global Security Week, Information Security, IT compliance, IT training, MSIA, policies and procedures, privacy, privacy training, Richard Power, risk management, security training
Posted in identity theft, Information Security, Privacy and Compliance | 1 Comment »
