  • 07 Jun 2010

    Oil and infosec, a marriage made in heaven?

    Here's a funny - and ironic - pic a friend of mine just forwarded me. Need I say more? Also, I have on my desk the March 8, 2010 edition of InformationWeek (great mag by the way) that has BP as its cover story. A call out quote says: "Two years ago, BP CEO Tony Hayward laid some very tough love on his 500 top managers. Despite revenue of about $300 billion, the ...

  • 15 Apr 2010
  • 26 Mar 2010

    Why the rich keep getting richer and the poor keep getting poorer

    Contrary to what Senator Max Baucus (Democrat) recently said about the forthcoming healthcare deform that's being forced upon us: “Too often, much of late, the last couple three years the mal-distribution of income in America is gone up way too much, the wealthy are getting way, way too wealthy, and the middle income class is left behind. Wages have not kept up with increased income of the highest income in America. ...

  • 26 Mar 2010

    I do not like it Uncle Sam

    Here's a good one going around the Internet that I just love: I do not like it Uncle Sam, I do not like it Sam I am. I do not like these dirty crooks, I do not like how they cook books. I do not like when Congress steals, I do not like their secret deals. I do not like this Speaker Nan, I do not like this 'YES WE CAN'! ...

  • 22 Mar 2010

    Our power of choice has been stripped

    No need for us to think any more. Here's a great excerpt from a WSJ piece that underscores the issue: "In our world of infinite wants but finite resources, there are only two ways to allocate any good or service: either through prices and the choices of millions of individuals, or through central government planning and political discretion." You hear me say a lot that those in control of information security have ...

  • 22 Mar 2010

    A sincere “Thanks!”

    Frederic Bastiat once said "When plunder becomes a way of life for a group of men living together in society, they create for themselves in the course of time a legal system that authorizes it and a moral code that justifies it." In the same spirit, I want to send out a sincere and heartfelt Thanks! to all my fellow Americans who voted for "Hope" and "Change" putting a Marxist-loving ...

  • 11 Mar 2010

    Trouble getting policy buy-in? Make ’em self-executing.

    If you're having trouble getting security policies on the radar of management and users - much less getting the real buy-in you need, don't fret - there is a possible solution. It's an idea I got from Louise Slaughter (good name for a politician) and her attempt to force Obamacare on us. Simply make your policies "self-executing". In other words, you write the policies and include verbiage in each one that ...

  • 22 Jan 2010

    My latest information security content

    Here are my latest information security articles and a podcast focusing on Web security and document security. Enjoy! First, my Web security articles: Changes coming to the OWASP Top 10 in 2010 (read the comments too, I stirred the puddin' with this piece!); Free Web proxy tools you need to get to know; Securing Web servers in Windows environments ... and a document security podcast (this is a really interesting story if you haven't heard about ...

  • 04 Jan 2010

    My latest security content

    Here's some more new information security content - stuff on network administration, employee monitoring, checklist audits, and more. Enjoy! How to get - and keep - user support with security; How to get management on board with Web 2.0 security issues; Underlying causes of inconsistent patch management; Are your IT administrators trustworthy?; Monitoring user activity with network analyzers; Priorities for your sound regulatory compliance management policy; Go beyond a checklist audit for ...

  • 05 Oct 2009

    National Archives does it again!

    You may recall my appearance on CNN television earlier this year when a hard drive went missing from the National Archives and Records Administration. Well, apparently some lessons don't sink in. This time around the National Archives folks sent an unsecured hard drive containing personal info on 70 million+ veterans to a vendor for "repair and recycling" (huh?). Apparently an employee subverted a policy then had to go on leave ...
