privacy Archives - Page 49 of 60 -

Posts Tagged ‘privacy’

Addressing Web-Based Access and Authentication Challenges

Friday, March 2nd, 2007

Many incidents occur through access control and authentication vulnerabilities. Just consider the recently reported Fruit of a Loom incident that allowed easy access to 1,006 names and Social Security numbers of former employees. It is likely poorly constructed and inadequately tested applications controls resulted in this breach, not unlike so many other breaches that have occurred.

(more…)

Tags:access controls, authentication, awareness and training, FFIEC, government, Information Security, IT compliance, multi-factor authentication, policies and procedures, privacy, privacy breach
Posted in Information Security, Privacy and Compliance, Privacy Incidents | No Comments »

Punitive Actions Pursued Against Professor in Japan Who Had PII About 8,800 on Disk That Was Stolen

Thursday, March 1st, 2007

The differences throughout the world with which personally identifiable information (PII) privacy breaches are penalized is always interesting to me.
Today it was reported that the

(more…)

Tags:awareness and training, encryption, HHS, HIPAA, Information Security, IT compliance, policies and procedures, privacy, privacy breach
Posted in Information Security, Privacy and Compliance, Privacy Incidents | No Comments »

RINBOT/DELBOT Virus Running Rampant In the Wild: Exploits Anti-Virus Software Vulnerabilities Allowing Access to Business Networks

Thursday, March 1st, 2007

CNN reported today that Sophos was warning new strains of RINBOT, also known as DELBOT, could be stealthily be infecting business networks worldwide.
What can this new version do?

(more…)

Tags:awareness and training, botnet, denial of service, Information Security, IT compliance, malware, policies and procedures, privacy, privacy breach, risk management, virus
Posted in Information Security, Privacy and Compliance | No Comments »

U.S. Federal CIOs More Concerned About Information Security and Privacy Than In the Past

Wednesday, February 28th, 2007

Monday (2/26) the ITAA issued a press release reporting the resuults of a survey of 47 government CIOs.
They found that:

(more…)

Tags:awareness and training, government, Information Security, IT compliance, policies and procedures, privacy, risk management
Posted in government, Information Security, Privacy and Compliance | No Comments »

Legislation Passed to Strengthen Bush’s Privacy and Civil Liberties Oversight Board

Tuesday, February 27th, 2007

On February 15 the Senate Homeland Security and Governmental Affairs Committee approved legislation with provisions to strengthen President Bush’s Privacy and Civil Liberties Oversight Board. The provisions were part of a bill, the “Improving America’s Security Act of 2007” (S. 4), aimed at implementing unfulfilled recommendations of the 9/11 Commission. Full text of the 227-page S. 4 bill is available online.

(more…)

Tags:awareness and training, government, Information Security, IT compliance, legislation, policies and procedures, privacy, privacy law, risk management
Posted in government, Laws & Regulations, Privacy and Compliance | No Comments »

U.S. Privacy Related Bills Introduced February 15 & 16

Monday, February 26th, 2007

Before the U.S. House adjourned Febuary 16 and the Senate adjourned February 17 for a week-long recess, they submitted some bills with privacy impacts.

(more…)

U.S. Privacy Related Bills Introduced February 15 & 16

Monday, February 26th, 2007

Before the U.S. House adjourned Febuary 16 and the Senate adjourned February 17 for a week-long recess, they submitted some bills with privacy impacts.

(more…)