• 16 Nov 2009

    BitLocker and Windows 7 – Things you need to consider

    I was recently asked to write a whitepaper on considerations for BitLocker in Windows 7. While doing my initial research I learned a lot about BitLocker and discovered some new ideas and approaches for managing sensitive data. In this whitepaper I cover:

      • Why data encryption matters
      • BitLocker’s new features in Windows 7
      • Operational concerns you need to think about
      • Usability issues that can create problems
      • Potential compliance and security gaps you don’t want to overlook

    …and ...

  • 05 Oct 2009

    National Archives does it again!

    You may recall my appearance on CNN television earlier this year when a hard drive went missing from the National Archives and Records Administration. Well, apparently some lessons don't sink in. This time around the National Archives folks sent an unsecured hard drive containing personal info on 70 million+ veterans to a vendor for "repair and recycling" (huh?). Apparently an employee subverted a policy then had to go on leave ...

  • 23 Sep 2009

    Quoted in today’s WSJ

    If you can, check out today's Wall Street Journal - page A20. I talk about sensitive information being mismanaged on mobile devices. You may already know how I feel about mobile security...what's it going to take to fix this issue?...

  • 09 Sep 2009

    Loving BitLocker so far…

    I recently wrote about Windows BitLocker's false sense of security and I've made it loud and clear that I'm a big advocate of encrypting mobile drives. Well, since I had to reload my laptop recently I decided to take the plunge into Windows 7 la la land and, at the same time, decided to try out BitLocker rather than reload PGP whole disk encryption. I don't know if I'm missing ...

  • 15 Jul 2009

    UPS sloppiness – How’s this for document security?

    I just went into a bathroom behind a UPS delivery guy. He left both his handheld computer and someone's overnight package sitting on the sink counter while he went into a stall. Anyone could've walked out with both and he'd never know who did it... This helps explain how packages go missing and subsequent breach notifications ensue. Gives you the warm fuzzies about using UPS to ship sensitive documents, huh!?...

  • 22 Jun 2009

    Charles Schwab hard drive removed & then stolen

    Yet another one for the hall of shame list. You know how I am about it, I'm sure this hard drive was encrypted. ;-)...

  • 22 Jun 2009

    Windows BitLocker’s false sense of security

    In this piece Tony Bradley provides some great insight into how Windows BitLocker "drive" encryption works in Vista and Windows 7. Actually BitLocker is not drive - or whole-disk - encryption after all... As Tony states it's more like whole-volume encryption. Keep this in mind when securing your laptop and mobile drives. This could create a pretty serious false sense of security that everything's locked down when indeed it's not. Same as the ...

  • 03 Jun 2009

    Secret list of nuclear sites released “by accident”

    Apparently our Imperial Federal Government can't even follow its own rules for information privacy and security. It was just announced that a secret list of nuclear sites was released "by accident". First of all, "accidents" are like "computer glitches" - there's almost always human error behind them. Do you see the irony here? How is heavily-regulated private industry to be expected to lock everything down when the very entity writing OUR ...

  • 21 May 2009

    My CNN TV appearance – yet another mobile drive debacle

    CNN's Mike Ahlers and Elaine Quijano put together an intriguing segment about a lost hard drive from the National Archives for The Situation Room with Wolf Blitzer television show I appeared on last night. The hyperlink goes to the actual article... the video hasn't been posted yet and they're telling me it may not be. I hope you had the chance to see it live last night. If it gets posted ...

  • 11 May 2009

    My latest security content

    Here's my latest information security content - more from the queue coming soon... just waiting for it to be published.

    Here's a webcast I recorded for SearchCIO.com:

      • Continuous Data Protection (CDP) Strategies for the Enterprise

    Here are two whitepapers I wrote for Realtimepublishers.com on behalf of Credant:

      • Navigate the Future of HIPAA Compliance
      • Data Protection for the Evolving Workforce

    As always, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts ...
