-
07 Jan 2008Holiday shopping insight: Security for security’s sake?
Over the Christmas holidays I noticed an interesting retailer procedure that strikes home with us in information security. It's manager overrides...You know when you buy something special or need to return something that requires manager approval...The cashier has to call over a manager to override what s/he is trying to do. I certainly understand the need for an override. Maybe the purchase is over $500 or there's no receipt for ...
Continue Reading... -
07 Jan 2008
2008 is the year to be in information security
Welcome to 2008!I'm back from my holiday time off and working to get the kinds out of my hands after so many days of not typing. Well, not as much time off as I had hoped. I regret to say that I spent nearly half of my vacation setting up my new computer. I'll summarize my experience down to this: Windows Vista is nice in a lot of ways...but be ...
Continue Reading... -
24 Dec 2007
A good resource for getting your name out there…
Over the years writing and speaking have proven very useful for marketing myself and establishing my credibility in the information security field. But you can't just write or speak abd expect everyone to all of a sudden know about you...You've got to keep your name out in front of people - in plain sight...all the time.If you work for yourself (or aspire to in the near future), you've got to ...
Continue Reading... -
21 Dec 2007
My articles from this week
Here are my information security articles from this week that you may be interested in. Locking Down Today's Data Centers Cracking passwords the Web application way Basic SQL Server security principles you can't afford to miss For all of my past information security tips and tricks be sure to check out www.principlelogic.com/resources.html. Enjoy!...
Continue Reading... -
20 Dec 2007
Hilarious Christmas video that says it like it is
Check out PGP's 'The 12 Threats of Christmas'...It's really well done and it'll make you think about security. Even better...it'll make you laugh.http://www.youtube.com/watch?v=PSRPGHyYq90 Merry Christmas!Yours Truly,Kevin...
Continue Reading... -
19 Dec 2007
Firewall Best Practices
Based on yesterday's post regarding firewall best practices, I thought it made sense to go ahead and post the 'best practices' content here as well. This is straight out of my Firewall Best Practices document I just recently updated:Firewalls are not the end all, be all solution to information security. They are, however, a necessary component of an effective network security infrastructure. The following list is a set of reasonable ...
Continue Reading... -
18 Dec 2007
Firewall change management? Who needs that anyway…
I recently had someone contact me and ask about the change management item I list in my Firewall Best Practices document. This person's inquiry revolved around them trying to get management to adopt change management practices and the troubles associated with having to properly and realistically explain to management the risks involved of not having good practices. This person wanted to know if I could explain the risks involved when ...
Continue Reading... -
14 Dec 2007
My articles from this week
Here are my information security articles from this week that you may be interested in. Beyond Natural Disasters: Business continuity issues you haven't thought of before Find Windows vulnerabilities with a hex editor Why store sensitive data if you don't have to? For all of my past content be sure to check out www.principlelogic.com/resources.html. Enjoy!...
Continue Reading... -
14 Dec 2007
Isn’t this what HIPAA is for?
I've been hearing a little sound bite on my local radio station of Hilary Clinton saying "I believe everyone -- every man, woman, and child -- should have quality, affordable health care in America. We should do it. We should do it, because, in this new economy, when people move jobs more than ever before, their health insurance should move with them." You can see the transcript on Hilary's Media ...
Continue Reading... -
07 Dec 2007
My articles from this week
Here's my one information security article from this week that you may be interested in. For all of my past content be sure to check out www.principlelogic.com/resources.html.The Fallacy of SSLEnjoy!...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including one of the best-sellers of all time:
