-
02 Oct 2012Windows server and workstation security essentials
Over the past couple of months I was so focused on writing new content that I've been remiss in posting it online. Here are some tips, thoughts and general opinions around Windows server and workstation security:Desktop backup oversights that can get you into a bindFree open source security tools for finding and fixing Windows flawsMobile security and how you can no longer ignore its impact on enterprise desktop management Why ...
Continue Reading... -
16 Aug 2012
You can’t buy security for $1, but some people will fall for it
I recently deposited a check at a giant monster mega bank that's continually trying to sell me new services and the teller asked: "Would you like to buy identity theft protection for just $1 today?"Wow, really...so you're saying my personal information will be safe and secure for a mere $1...!? Amazing...but no thanks. Sadly, many in management are like the average consumer: they just don't realize what it takes to ...
Continue Reading... -
03 May 2012
The funny thing about iPhones & airplane toilets
My Delta co-passengers and I recently had the opportunity to experience a near 1-hour flight delay due to, none other than, some dude dropping his iPhone into the aft toilet on our fancy Boeing 757. I'm not making this up...Yep, there we were sitting at the gate and this guy comes up to the flight attendants to ask for some help getting his iPhone out of the crapper. Yuck! The ...
Continue Reading... -
08 Apr 2012
Disk encryption for HIPAA + HITECH & why BitLocker may not be the solution
I'm finally back in the swing of things after taking some time off for Spring Break. I hope you're enjoying your Spring as well.Here are two articles I've recently written about full disk encryption...arguably the greatest missing link in any given business's information security program.Things you need to think about regarding disk encryption and data protection for HIPAA and HITECHBitLocker’s improvements leave gaps to be aware ofEnjoy!As always, be sure ...
Continue Reading... -
07 Dec 2011
BitLocker, Passware…heads in sand everywhere!
Three times in the past three weeks. That's how many conversations I've had people who have blown off any sort of technical or operational weaknesses associated with Microsoft BitLocker when using it as an enterprise full disk encryption solution. They're well-documented. I highlighted these issues in my recent whitepaper The Hidden Costs of Microsoft BitLocker as well.I've said it before and I'll continue saying it: I've sung the praises of ...
Continue Reading... -
08 Nov 2011
Mobile devices are the new desktop, what to do now!?
Here are some new pieces I've written for my friends at TechTarget on mobile security that you may be interested in including a piece for TechTarget's new (I think) SearchConsumerization.com site:It's time we shift our thinking about endpoint protectionAct now to prevent smartphone security risks at your organizationCompliance officers' next big headache: Securing mobile applicationsYou know the deal, be sure to check out www.principlelogic.com/resources.html for links to all of my ...
Continue Reading... -
08 Nov 2011
One of my pet peeves: relying on users to wipe out wimpy passwords
You cannot - and should never - rely on your users for complete security...yet they're often the first or last line of defense - sometimes both. I wrote about this a while back but it's a problem that's still rampant in IT so I had to bring it up again. It's probably my biggest pet peeves with security. Simply telling users that they need to select strong passwords on their ...
Continue Reading... -
05 Oct 2011
Information security’s bond with e-discovery is strengthening
We're seeing more and more how information security and e-discovery go hand in hand. Here are two new pieces I've written that delve into the subject. I hope you enjoy.Information security’s tie-in with the e-discovery processLax enterprise mobile device management hampers e-discoveryAs always, be sure to check out www.principlelogic.com/resources.html for links to all of my information security whitepapers, podcasts, webcasts, books and more....
Continue Reading... -
16 Sep 2011
My new paper on BitLocker’s hidden costs
I've been a fan of Microsoft BitLocker since it first came out. It provides a cheap and easy way for users to lock down their laptops and mobile storage devices and is especially helpful in small businesses where security knowledge is scarce at best. Although BitLocker protection can be bypassed, it's still better than nothing - like WEP for wireless networks.Anyway, if you're considering BitLocker as your disk encryption solution, ...
Continue Reading... -
24 Aug 2011
What direction are you heading with data protection?
Here's a new guest blog post I wrote for the folks at Credant: Heading in the Wrong Direction with Data Protection? You may see this differently but I think we're heading down the wrong path in this area - especially on phones and other mobile devices. I suspect we'll end up in a situation like we have recently in the U.S. where the very people putting the "stimulus" bill and ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
