After reading this piece about the recently released report on the TJX breach from the Office of the Privacy Commissioner of Canada and the office of the Information and Privacy Commissioner of Alberta, I had a thought about the false sense of security that wireless encryption gives us. TJX was apparently using both WPA and WEP for wireless encyrption but it was the WEP that got them into trouble. The ...
Continue Reading...As the saying goes, the more things change they more they stay the same. It suits what's happening with security just perfectly. It's common knowledge that computer security is a problem that affects every business and every individual in some way. Security best practices are available. The rules have been laid down. Why are breaches still occurring?I think to myself, on the surface there's:information systems complexityuntrained IT staffpeople not using ...
Continue Reading...Do you work for a law firm that provides a client Web portal that houses extremely sensitive case information (or other similar system that allows a client to manage their own data)? If so, chances are there are weaknesses in the system waiting to be exploited. Be it the commonly-used SharePoint or any other commercial or home-grown system, all it takes for someone with ill intentions to create a problem ...
Continue Reading...There's something that's coming up more and more that I'm building a stronger opinion about each year. It's expecting the best of ourselves and others. We're coming to a point in our society where it's inappropriate, offensive, and politically incorrect to demand the best from our ourselves and others in literally every aspect of our personal lives and our careers. This is especially true in our society where those who ...
Continue Reading...I get the question "What part of security do you like the best?" quite often. The first part of my response is always "security testing". Any given network has lots of weaknesses - regardless of how much it's locked down and I love trying to find and point out all the flaws. [My wife used to say I was really good at pointing out other flaws, but I've since worked ...
Continue Reading...It's taken some time to put the technology together, but I've finally done it! I'm officially on the blog bandwagon. Still building out some functionality - but the basics are up and running.What I talk about here ties in with my Security On Wheels audio programs. Thanks for checking in and joining me in this adventure. Many security opinions, commentaries, and insights to come!...
Continue Reading...