-
16 Jan 2008Lax IRS security – yet another reason for the FairTax!
Apparently a GAO report this week outlines how taxpayer data is at “increased risk of unauthorized disclosure, modification or destruction.” within the IRS: https://web.archive.org/web/20090401053638/http://www.scmagazineus.com/GAO-Lax-IRS-cybersecurity-puts-taxpayer-data-in-danger/article/104008/ Yet another reason to get rid of the IRS! :)...
Continue Reading... -
16 Jan 2008
So Oracle and Open Source really aren’t that secure…?
Chock these up and file 'em away in the I-told-so-you category:Apparently Oracle's latest security update contains fixes for 27 flaws including SQL injection:http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1294080,00.html?track=NL-102&ad=617874&asrc=EM_NLN_2899404&uid=1018924Oh, and now our Imperial Federal Government has to spend tax dollars that we've earned that prove that open source software is flawed...?:http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1289637,00.html?track=NL-102&ad=617852&asrc=EM_NLN_2860161&uid=1018924The reality is folks, that regardless of the type of software - I don't care what language it's written in, how much money is charged for ...
Continue Reading... -
14 Jan 2008
New evidence of wireless way before our time
This is something that's been out there for a while, but when my Canadian colleague, security guru, and all-around good guy Peter Davis forwarded it to me, I laughed out loud. Had to share it:After having dug to a depth of 10 meters last year, American scientists found traces of copper wire dating back 100 years and came to the conclusion that their ancestors already had a telephone network more ...
Continue Reading... -
14 Jan 2008
Wireless hotspot security measures you can’t afford to overlook
Here's a not-so-innovative piece from one of the prominent wireless gurus, Lisa Phifer, on hotspot security but it's a good reminder of what to do nonetheless: http://www.wi-fiplanet.com/tutorials/article.php/3720151...
Continue Reading... -
12 Jan 2008
Solid backup/imaging tool worth checking out
If you're tired of the same old complex backup software or you have some select systems you can't afford to take the time to completely rebuild after a drive crash, theft/loss, etc. check out Acronis True Image. It's an imaging program like the original Ghost application from the '90s but can also perform select data backups. They have a version for Windows Servers, Linux, and SQL Server as well. The ...
Continue Reading... -
11 Jan 2008
Be careful when checking for domain name availability!
Although I'm (currently) a customer of Network Solutions for a few of my Internet domain registrations, I've never been a big fan. Too much cockiness and too much money for registering domain names. Well, they've finally stepped over the line and are apparently doing something that I've often wondered was taking place with domain name registrations.According to this NewsFactor article, Network Solutions is monitoring domain names that people are searching ...
Continue Reading... -
08 Jan 2008
Thought for the day on security getting in the way
Here's a great quote I was reminded of that made me chuckle thinking about how information security controls often result in the same outcome...From the business master himself:"Most of what we call management consists of making it difficult for people to get their work done." -- Peter Drucker...
Continue Reading... -
07 Jan 2008
Holiday shopping insight: Security for security’s sake?
Over the Christmas holidays I noticed an interesting retailer procedure that strikes home with us in information security. It's manager overrides...You know when you buy something special or need to return something that requires manager approval...The cashier has to call over a manager to override what s/he is trying to do. I certainly understand the need for an override. Maybe the purchase is over $500 or there's no receipt for ...
Continue Reading... -
07 Jan 2008
2008 is the year to be in information security
Welcome to 2008!I'm back from my holiday time off and working to get the kinds out of my hands after so many days of not typing. Well, not as much time off as I had hoped. I regret to say that I spent nearly half of my vacation setting up my new computer. I'll summarize my experience down to this: Windows Vista is nice in a lot of ways...but be ...
Continue Reading... -
24 Dec 2007
A good resource for getting your name out there…
Over the years writing and speaking have proven very useful for marketing myself and establishing my credibility in the information security field. But you can't just write or speak abd expect everyone to all of a sudden know about you...You've got to keep your name out in front of people - in plain sight...all the time.If you work for yourself (or aspire to in the near future), you've got to ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
