Blog  | Read about controlling and protecting your information

Security

Home > Security
RSS Feed

Leaked Memos Can Ruin Your Day

Posted by Ron Arden on May 11th, 2012
Posted in: Blog, Data leak, Security | No Comments

Leaked Memos Can Ruin Your DayData breach headlines are almost becoming a cliché.  Not a week goes by when I don’t read about people stealing information from a company or someone losing a confidential document.  Just this week 435 credit card numbers and 1,175 social security numbers at the University of Maine and 1,007 online store transactions at the University of Arkansas computer store were compromised by hackers.  This may not be as large as the 280,000 social security numbers stolen from the Utah Department of Health in April 2012, but it’s a big deal to those people affected.

The cases above were deliberate acts, but sometimes a data breach is unintentional.  It could be as simple as an employee forgetting they had confidential documents on a USB flash drive and misplacing it.  Or maybe someone accidentally emailed an HR spreadsheet with employee’s personal information to a friend.  We all love email look ahead, but sometimes it can bite you.

Read the rest of this entry »

Stop Employees From Looting Information

Posted by Ron Arden on April 18th, 2012
Posted in: Blog, Data breach, Data leak, Security | No Comments

Stop Employees From Looting InformationThat almost sounds like the title to a bad movie, almost.  In reality it’s a real problem today, since most of the important information inside any business is digital information.  In the past, if you wanted to keep your secrets safe, you locked your filing cabinets or stored paper documents in a safe.  Today, information is all over the place and in many forms.  Someone leaving your company could walk out the door with the keys to the kingdom.

Much of our important information is either sitting in databases or documents.  These may be on premise or in the cloud.  Most of us think that if it’s in a database, we have it secured, but a lot of people run reports that export the data into regular spreadsheets or word processing documents.

But it’s not just what we think of as traditional documents.  It’s also in presentations, videos, photographs, image and audio files.  Just think about how damaging the tapes of conversations from the Nixon White House were during the Watergate scandal.  It’s also email messages in your inbox and on email servers.  Voicemails on your cellphone.  Or it could be source code to your software product.  

Read the rest of this entry »

Third Day Was A Charm At RSA 2012

Posted by Ron Arden on March 2nd, 2012
Posted in: Blog, Document security, Security | No Comments

Third Day Was A Charm At RSA 2012The last day on the expo floor at RSA 2012 was not as robust as the first two, but there were still a lot of people.  One thing that I saw in evidence was from the opening keynote on February 28.  Arthur Coviello, executive chairman of RSA, told the audience that it’s not possible to have perfect security, so businesses need to think about managing risk.  A company needs to manage the risk of information loss the same way they think about financial losses.

All businesses try to understand the risk they have from internal and external forces.  These could be related to natural events, such as an earthquake, or something internal, like fraud.  IT and information security are no different.  The best way to manage your risk is to understand it.  That comes from both defining and measuring risky behavior and those events that may cause harm.  You may have to assume that someone will compromise your network and computer systems, but that doesn’t mean you have to accept data loss.  Just like a car manufacturer has to assume an automobile will get into an accident and they take steps to ensure that harm to human life is minimal.

Read the rest of this entry »

SOPA and PIPA and Pirates Oh My

Posted by Ron Arden on January 18th, 2012
Posted in: Blog, Cybercrime, Data leak, Security | No Comments

SOPA and PIPA and Pirates Oh MyTwo pieces of legislation before the United States Congress are intended, according to its supporters, to prevent Internet piracy and protect freedom and American jobs.  The Protect IP Act (PIPA) and the Stop Online Piracy Act (SOPA) are legislative responses to these threats.  Unfortunately, rather than protecting intellectual property and jobs, they would in fact impose bad regulations on American businesses and censor the Internet as we know it.

The stated goal of these bills is to stop copyright infringement by foreign web sites.  According to the Motion Picture Association of America (MPAA) and other groups representing the music and film industries, piracy is rampant and is negatively affecting their businesses.  They claim the only way to protect American jobs and businesses is with these measures. 

Read the rest of this entry »

ICANN Might Cause A Security Nightmare

Posted by Ron Arden on January 13th, 2012
Posted in: Blog, Cybercrime, Data breach, Security | No Comments

ICANN Might Cause A Security NightmareAccording to an announcement on January 11, 2012, after more than seven years of planning, the Internet Corporation for Assigned Names and Numbers (ICANN) has initiated a process that could trigger a dramatic expansion of the Internet.  Starting on January 12, 2012, ICANN will accept applications for new generic top-level domains (gTLDs).  This might sound like a great idea, but it could also be fraught with trouble.

ICANN is the organization that manages and controls the top level domains of the Internet.  They are the ones who make sure that we have .com, .gov, .org, .edu and 18 other gTLDs.  This new announcement intends to expand the top level domains to anything you want, including companies and famous brands.  There is an application process and $185,000 fee to request a name, so not everyone will apply.

Read the rest of this entry »

« Older Entries