How to Protect Your Social Network Identity
By Mark Smail, CTO at Onix International, Inc.
Over a billion people visited social networking sites such as Facebook and Twitter last month so it’s not surprising that hackers have these sites in their cross-hairs. In fact, according to recent research from Breach Security Labs, social networks were the most targeted category in 2009, accounting for 19% of all malicious attacks last year. By using simple data encryption and password protection tools, you can ensure that your personal information and online identities remain secure and private…
Afraid of the Cloud? Ask the Right Questions
By Greg George, Managing Partner of GTI Advisors
What if your vendor is acquired, are there assurances in your service agreement allowing you to opt out if you choose to – if so, will all your data be deleted? What if your vendor is acquired by a company based in a foreign country? Maybe the acquiring company CEO, also a People's Republic of China Communist Party official, will assure you your data has been deleted. All in all – right now, using SaaS simply comes down to a judgment call, what is in the best interest of your firm's operations: ease of access, work flow and cost benefits vs. associated risks…
Perplexities of Enterprise Privacy Policies
By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI
An important consideration with information security incidents is identifying if personally identifiable information - PII - is involved. If it is, then the privacy breach response team needs to be put into action to determine whether or not an actual privacy breach occurred. I’m always interested in hearing the challenges and unique situations they run across as they not only create their plans, but also for how they execute them. Here are three of these situations, often overlooked and not planned for, but experienced by organizations.
Technology Drives New Age of Collaboration
By Christopher Burgess, Senior Security Adviser
Are you embracing the collaboration phenomenon that has been storming, complete with thunder, lightning and rain over the past few years? Or have you been hiding under an umbrella to avoid this social media storm? Yes, we are all interconnected, whether we want to be, are expected to be, or prefer not to be. We are, as they say in poker, all in, as collaboration is here to stay ― and it’s driven by technology…
On Privacy and Cloud Computing Challenges
By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI
Businesses need to scrutinize the information security and privacy programs and practices of vendors and other business partners, and the cloud computing tools, applications and services should be viewed no differently. If your business is entrusting critical processing and data to another entity, you should first ensure it is trustworthy, secure and will meet your organization’s compliance obligations…
FBI: Haitian Earthquake Relief Fraud Alert
U.S. Department of Justice - Federal Bureau of Investigation
The FBI today reminds Internet users who receive appeals to donate money in the aftermath of Tuesday’s earthquake in Haiti to apply a critical eye and do their due diligence before responding to those requests. Past tragedies and natural disasters have prompted individuals with criminal intent to solicit contributions purportedly for a charitable organization and/or a good cause. Therefore, before making a donation of any kind, consumers should adhere to certain guidelines, to include the following…
Hackers Conquer Two-Factor Authentication
By Mel Duvall, Chief Content Officer at CIOZone
“Fraudsters have definitely proven that strong two-factor authentication processes can be defeated,” said Avivah Litan of Gartner. “Enterprises need to protect their users and accounts using a three-prong layered fraud prevention approach that uses stronger authentication, fraud detection and out-of-band transaction verification and signing for high-risk transactions.”
Why There Will Be No Year Of The Cloud
By Dwayne Melancon, Tripwire’s VP of Corporate and Business Development
Before vast herds of businesses go running to the cloud, they will want to see that others have done it and not been burned. This is classic bell curve stuff - a few will do it, but it will be a while before the majority of the IT organizations use the cloud in any significant way.
Smart Grid Privacy Standards Proposed
By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI
Access to live energy use data can reveal if people are in the dwelling, what they are doing, and where they are in the dwelling. Access to data use profiles that can reveal specific times and locations of electricity use in specific areas of the dwelling can also indicate the types of activities within the dwelling over a period of time. The information revealed is a type of surveillance. We need layers of privacy protections throughout the entire smart grid to effectively address privacy concerns and prevent privacy invasions and breaches.
Effective Security Policy Messaging Important
By Christopher Burgess, Senior Security Adviser
Clearly communicate that, in fact, there are secrets. Once employees understand that they have a responsibility to protect the enterprise, the chasm between the security professional and the rest of the staff not only shrinks, it disappears. Far too often, security policies arrive as a reaction, as opposed to a proactive management of risk. Through this process, the enterprise will acknowledge security as forethought, not an afterthought.


