Risk Based Enterprise Compliance Programs
By Thomas R. Fox, Attorney at Tom Fox Law
A recent benchmarking survey of Third Party Codes of Conduct was conducted by the Society of Corporate Compliance and Ethics (SCCE) and reported on by Rebecca Walker. The findings indicated that a majority of companies with an otherwise robust compliance program do not extend this to third parties with which they conduct business. For those companies who now desire to evaluate their third party business partners for Foreign Corrupt Practices Act (FCPA) compliance, how and where do they begin?
Data Loss Prevention Has Jumped the Shark
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
The FTC sending a warning to 100 companies and agencies that their employees are leaking client and sensitive data on the web via Peer to Peer file sharing (P2P) is the single most pathetic and embarrassing communication to come across the desk of an IT professional. It’s over, Johnny IT’S OVER…
Gartner Tells CIOs to Embrace Social Media
By Laton McCartney, Editor at CIOZone
Has someone been putting strange substances in the drinking water at Gartner’s Greenwich, CT headquarters? Some of their analysts are beginning to sound like New Age gurus on a mission to bring peace, love and harmony to the corporate world. Consider these words of wisdom recently imparted by Gartner analysts to clients at an Orlando conference…
Federal Guides for Social Media Security p.II
By Mike Meikle, CEO at Hawkthorne Group
Once an agency crosses over into social media interactions with other agencies and non-governmental organizations, the guidance gets diluted. The guidelines point to five government agencies, none of which are the definitive resource for social media implementations. These guidelines are a must read for any organization that is considering a foray into the Web 2.0 sphere…
Relationships with Foreign Business Partners
By Thomas R. Fox, Attorney at Tom Fox Law
There are several critical components in the selection, use and retention of any Foreign Business Partner, such as agents, resellers, joint venture partners or distributors. The due diligence process should contain, at a minimum, inquiries into the following areas…
The Dismal State of Information Security
By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com
The sheer volume of potential targets coupled with the vast amounts of money to be made has captured the attention of the global criminal hacking community. Enterprise networks are becoming hardened and they are still vulnerable. We are fragmented and all over the place with an incredible array of interdependent technologies that are set up with convenience in mind and security second…
Resellers and Distributors Under the FCPA
By Thomas R. Fox, Attorney at Tom Fox Law
The landscape of the Foreign Corrupt Practices Act (FCPA) is littered with cases involving both agents and resellers are they are the most clearly acting as representatives of the companies whose goods or services they sell for in foreign countries. However many US businesses believe that the legal differences between agents/resellers and distributors insulate them from FCPA liability should the conduct of the distributor violate the Act. If you have a distributor, it must be subjected to the same FCPA scrutiny and management as an agent, reseller or joint venture partner…
The 80/20 Rule for Information Security
From The Team at MicroSolved
MicroSolved, Inc. (MSI) has developed the 80/20 Rule of Information Security that proposes the concept that 80% of an organizations’ real information security comes from only 20% of the assets and effort put into the program. These 13 security projects will give your organization the most effective information security coverage for the least expenditure of time and resources. These projects, once completed, should allow CIO’s to create an effective, efficient, and standards-based approach to information security…
SyferLock GridGuard Live On Infosec Island
Press Release
Infosec Island, the new community for IT and information security professionals, today announced that its new enhanced authentication service based on the SyferLock™ GridGuard™ solution, is now live. Deploying this technology provides Infosec Island members with the option to login with a very high level of security for confidential business, personal or security-related communications. SyferLock’s GridOne authentication is available on Infosec Island to all registered members, and membership is free.
How A Security Company Applies Security
By Larry Ketchersid, Chairman and CEO at MediaSourcery
Similar to security assessments, network architecture designs and other projects, a development project, such as this one involves the exchange of confidential data, including in this case, intellectual property designs, requirements documents, test plans, code fragments and road maps. We could have chose to exchange these documents over email, or printed them out and sent them next day parcel post. Instead, we ate our own dogfood and utilized IslandPKI encrypted document and message transfer…
