Here’s an interesting article about cybercrime to kick off Day 1 of Global Security Week…
Posts Tagged ‘security training’
Not Enough Police To Deal With Cybercrime
Monday, September 8th, 2008How Does Your Business Use Customer and Consumer Profiling?
Friday, September 5th, 2008So, do you know how your business may be using data mining for customer and consumer profiling? Have you talked with your marketing folks about it?
Do you know how the stores you make your purchases from use your information to do customer profiling and other types of data mining? Have you asked them? Chances are the sales staff at the counters and check-outs wouldn’t know, but you could ask the store manager.
Not All Privacy Issues Involve PII
Thursday, September 4th, 2008There’s been a lot in the news over the past few years about customer profiling. The term is used somewhat differently by different groups and the definition often debated. However, the mainstream news media generally uses the term to talk about how companies gather many different types of information related to consumers, and then use that information to make determinations about groups of people in various demographics, and even be able to narrow down certain activities to specific individuals when enough data, and it does not need to be personally identifiable information (PII), is collected.
5 Easy Things To Do for Global Security Week, September 8 – 12
Tuesday, September 2nd, 2008Next week is Global Security Week!
Do you have anything planned for your organization to help raise the awareness of all types of security issues?
Here are a few ideas I wanted to pass along to you…
The Power of Logs: IRS Examiner Sentenced & Fined For Accessing PII Without Authorization
Monday, September 1st, 2008Now, here’s a great example of an organization actually following through on their procedures to review access logs, and then to apply sanctions and take necessary other actions in response to non-compliance with not only organizational policies, but also with applicable laws…
Laptop Containing PII of 1 Million+ People Sold On eBay for $141
Saturday, August 30th, 2008I’ve been doing a lot of work with data retention and disposal policies and procedures lately, remembering the silly things I have read about with regard to organizations getting rid of their computers, such as selling their computers on eBay when they no longer need them…without removing the information! This is certainly not a phenomenon that is confined to the U.S.
Lo and behold, another situation has happened where an organization sold their old computer on eBay…for a bargain at £77 ($141), and it contained a a huge amount of personally identifiable information (PII), including credit card applications, on what is reported to be as many as over 1 million customers. Here are a few excerpts from the report in Forbes…
More Data Retention Tips And Considerations
Thursday, August 28th, 2008Here are some more data retention tips and considerations as a follow-up to my Tuesday blog post…
Do You Know Your Data Retention Requirements?
Tuesday, August 26th, 2008There have been several interesting news reports recently about data retention proposals, plans, practices and laws in the U.K.
Currently there are proposals to require emails to be retained for a full year, but critics contend that sloppy data retention practices will result in actual retention periods much longer, if the emails even ever get deleted.
This is an important point; when it comes to data retention, the requirements are rarely, if ever, followed by some organizations…
Insider Threat Examples & 7th HIPAA Criminal Conviction
Monday, August 25th, 2008Yesterday I read about the 7th criminal conviction and sentencing that has been given under HIPAA, “Woman gets 14 months in ID theft case.”
