Here's a new guest blog post I wrote for the folks at Credant: Heading in the Wrong Direction with Data Protection? You may see this differently but I think we're heading down the wrong path in this area - especially on phones and other mobile devices. I suspect we'll end up in a situation like we have recently in the U.S. where the very people putting the "stimulus" bill and ...
Here's a humorous and thought-provoking post by my friend Pete Lindstrom that you should check out:
Dr. Laura as Information Security Officer
It's so easy for people to say "No" to information security rather than "How"...similar to how many people - children and adults alike - say "I can't!" rather than "How can I?". People are always going to take the path of least resistance...if you let them....
Here's a piece where I, Richard Stiennon, Andrew Baker and others weigh in on executive management's involvement in information security:
Focus Experts’ Briefing: How CEOs Can Prepare for and Respond to Cyberattacks
Unless and until executives get on board with security - across the board - I'll continue reciting one of my favorite quotes:
“Many executives are insulated from reality and consequently don’t know what the hell is going on.” -James Champy...
Not long ago I heard a gentleman speaking with radio show host Clark Howard about a phone he purchased online. He said it had all sorts of personal information belonging to the previous owner including her healthcare records. Ouch. If I understood the caller correctly it sounded like this personal information was sent to the previous owner by her doctor. A doctor who I'm sure is HIPAA compliant...after all, as most ...
This week's post is about cloud security - technically, lack thereof... Check out these new pieces I've written for Security Technology Executive and Acunetix:
Dark Cloud Looming?
What’s your take on cloud security?
Enjoy! As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....
I've been ranting about "the cloud" (what a tired term) for a couple of years now. As if we haven't seen enough examples lately of why we cannot put all our eggs in the cloud basket, here's one more with the "code bug" that impacted Dropbox's authentication mechanism over the weekend. Sure, Dropbox isn't an enterprise cloud app per se but I'll guarantee you it's impacting your enterprise this very moment. ...
From Exchange to Windows Server to Windows at the desktop, here are some new pieces I've written about Microsoft security that you may be interested in:
Six commonly overlooked Exchange security vulnerabilities
Solidify Your Exchange Server Incident Response Plan
10 most common security mistakes people are still making
Why you need address space layout randomization in Windows Server 2008 R2
Enjoy! As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, ...
Witnessing the Thought Police's handling of the Tracy Morgan debacle I can't help but wonder if political correctness is not the beginning of dictatorships, Communism, etc. where the population is not allowed to speak up or out against anything. Don't get me wrong. Being a libertarian, I'm pro-choice on everything... To each his own. As long as you're not affecting the life, liberty or property of someone else, then say what you ...
With all the criminal behavior taking place on computers around the world, it appears that politicians are seeking some solutions. For instance, European Union Justice Ministers are proposing a ban on hacking tools. I suspect this law will work just as well as gun laws in the U.S. Simply criminalize the inanimate object (or code) and only the law-abiding citizens will comply. It creates the perfect storm for criminals to ...
Here are some recent pieces I wrote on IT and security careers and compliance that you may be interested in...content that likely applies to your very situation:
Career networking dos and don’ts
But Compliance is Someone Else’s Job!
Cybersecurity and Internet Freedom Act – New name, same game
Enjoy! As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....