Posts Tagged ‘privacy’

More About the FTC Tech-ade Public Hearing

Wednesday, November 15th, 2006

I just found a blog for the FTC Tech-ade public hearing I just posted about; the Tech-Ade Blog. Some very interesting thoughts about a wide range of topics!

FTC Public Hearing Presenters Forecast Privacy Concerns For the Next 10 Years

Wednesday, November 15th, 2006

The Federal Trade Commission (FTC) held a public hearing Nov. 6-8 at George Washington University to discuss the ways in which technological and business developments will impact consumers’ experiences in the next 10 years.

(more…)

The State of Information Security According to E&Y

Tuesday, November 14th, 2006

This year’s Ernst & Young Global Information Security Survey 2006 is out and it is always an interesting read. Arguments aside about the statistical accuracy of such surveys, it still provides useful information and also helps to track progress in the topics covered as the years march on. The history alone involved with the survey, this is the 9th year for it, are quite revealing. My, my how concerns have changed in less than a decade!

(more…)

Information Assurance: Make a Perspective Adjustment; It’s All About the Business

Monday, November 13th, 2006

Last week I was at the Computer Security Institute 33rd Annual Computer Security Conference & Exhibition where Chris Grillo and I also gave our post-conference seminar, “Effectively Partnering InfoSec and Privacy For Business Success“. It was interesting to hear the folks attending both the conference and our seminar express their concerns related to information security and privacy. I am always intrigued by the various viewpoints of folks in not only different industries, but also of those who have very little experience in dealing with information security, privacy and compliance versus those with a great amount of experience. It is very noticeable how the viewpoints shift from trying to address primarily only technical issues (overwhelmingly those with little experience) to the viewpoint of incorporating the issues throughout the entire enterprise and into all processes through procedures, awareness and responsibilities (overwhelmingly those with much experience).

(more…)

Computer Stolen from Insurance Provider Has Personal Information About 1,200 Villanova University students and staff members

Tuesday, November 7th, 2006

And yes…still another example of a laptop with clear text personally identifiable information (PII) being stolen.
Villanova University confirmed on 11/2 that a laptop with information about 1,200 of their students and staff members, along with other individuals not part of Villanova, was stolen from their auto insurer, Hilb, Rogal & Hobbs in September. Notifications went out to the involved individuals on October 26.

(more…)

Broadcasting Company Laptop With Employee Personal Information Stolen

Friday, November 3rd, 2006

The Boston Herald reported a laptop “holding Social Security numbers of current and former staffers was stolen out of Greater Media’s Philadelphia offices.”
Greater Media is offering credit monitoring to the impacted individuals “if staffers sign up by the end of the year.”

(more…)

Another U.S. Veterans Affairs Computer Stolen: This One With Personal Information About 1,600 Vets

Friday, November 3rd, 2006

Thursday, 11/2, the VA confirmed a computer containing data about 1,600 U.S. military veterans was stolen from their Manhatten hospital.
According to the report, it was stolen from “a locked room in a locked hallway at the VA hospital. The theft occurred Sept. 6, but VA officials sent out a letter to veterans only within the past two weeks. The personal data of about 1,600 people was on the computer’s hard drive. It was the third theft of personal data from a VA facility in less than a year.”

(more…)

Encryption…Just Do It!

Thursday, November 2nd, 2006

I am a big advocate of encryption. It is such a great tool for protecting sensitive and personally identifiable information (PII), particularly for such data that moves…while on mobile devices, storage devices, and while being transmitted through networks. Historically it was a challenge to implement.
In the past few years implementation has been getting much easier, and continues to improve. However, it is still no surprise, but yet a disappointment, that a recent study from Credant Technologies, Inc., yes, an encryption solution vendor, found that out of 426 IT practitioners interviewed throughout the world, 88% know sensitive data and PII is on their personnel’s mobile computers, but the only 20% have deployed encryption for such devices. Note the encryption is deployed; I would bet that the actual amount of PII and sensitive data encrypted on those devices is actually much lower.

(more…)

Encryption…Just Do It!

Thursday, November 2nd, 2006

I am a big advocate of encryption. It is such a great tool for protecting sensitive and personally identifiable information (PII), particularly for such data that moves…while on mobile devices, storage devices, and while being transmitted through networks. Historically it was a challenge to implement.
In the past few years implementation has been getting much easier, and continues to improve. However, it is still no surprise, but yet a disappointment, that a recent study from Credant Technologies, Inc., yes, an encryption solution vendor, found that out of 426 IT practitioners interviewed throughout the world, 88% know sensitive data and PII is on their personnel’s mobile computers, but the only 20% have deployed encryption for such devices. Note the encryption is deployed; I would bet that the actual amount of PII and sensitive data encrypted on those devices is actually much lower.

(more…)

Another Tool for your Awareness Arsenal

Thursday, November 2nd, 2006

The FTC recently made available a pretty neat privacy in socieal networking sites awareness raising quiz, “Buddy Builder.”

(more…)