Posts Tagged ‘program changes’

Stay Alert for Stegoloader and Rombertik Malware Threats

Friday, July 17th, 2015

Recently a friend of mine sent me a photo of the image on his computer screen. It was a Windows firewall warning message that his computer had been infected with malware. He said that when he tried to re-boot the computer it got into an endless loop and he could not get it to do anything. He finally took it to the computer repair shop, and they had to reload a new system. Thankfully he had a complete, clean, backup of all his files, so he didn’t lose anything. I asked what the repair folks said the problem was, and he indicated that they didn’t tell him anything specific, only that he “probably had bad malware.” (more…)

Tags:, , , , , , , , , , , , , , , , , ,
Posted in Information Security, Training & awareness | No Comments »

Hey, Developers! Save Privacy in the IoT Explosion

Thursday, July 2nd, 2015

I’ve been concerned with and writing about the information security and privacy risks involved with the data created, transmitted and processed by smart devices in the Internet of Things (IoT) for several years since they first started emerging (e.g., here) and will likely be writing on it even more in the coming months and years. According to a new IDC research report, the IoT market will grow from $655.8 billion in 2014 to $1.7 trillion in 2020 with a compound annual growth rate (CAGR) of 16.9%. Will privacy die in this IoT explosion? If IoT developers and manufacturers take action now, I’m optimistic that they can save privacy in the IoT explosion. (more…)

Tags:, , , , , , , , , , , , , , , , , , , , , ,
Posted in Uncategorized | No Comments »

It is Time to Set Social Media Rules

Sunday, June 28th, 2015

Over the past couple of weeks, I have spent a lot of time speaking with one of my clients about social media and posts from employees and contractors that may have a negative impact on the business. And the client is right to be concerned.

Most businesses are now using social media sites to communicate with their customers, potential customers, patients, employees, and everyone in between. However, such communications can often go awry at best, and result in privacy and security violations at worst. Here are just a few examples of what can go wrong. (more…)

Tags:, , , , , , , , , , , , , , , , , ,
Posted in Social Media | No Comments »

Change Controls Are Still Necessary

Friday, June 5th, 2015

In the past week I helped a client whose programming staff had just caused a business disruption for the fifth time in two months because of the changes they made in the program code of their online service. The programmers, and so many of my other clients, have expressed the opinion that they can just code something and plop it out into production, without testing. And then they try to tell me that is “agile programming.” No, it is not. It is unsecure and, quite frankly, lazy programming. (more…)

Tags:, , , , , , , , , , , , , , ,
Posted in Information Security | No Comments »

Improve Program Change Controls To Reduce Incidents

Monday, April 21st, 2008

Recently in my Norwich MSIA class we were discussing the importance of program change controls, and I wanted to continue the discussion here because as important as it is, it typically does not get the attention it deserves in most organizations.

(more…)

Tags:, , , , , , , , , ,
Posted in Information Security | No Comments »