-
28 Sep 2007Is Your Wireless Encryption Enough?
After reading this piece about the recently released report on the TJX breach from the Office of the Privacy Commissioner of Canada and the office of the Information and Privacy Commissioner of Alberta, I had a thought about the false sense of security that wireless encryption gives us. TJX was apparently using both WPA and WEP for wireless encyrption but it was the WEP that got them into trouble. The ...
Continue Reading... -
27 Sep 2007
Security is a Choice
As the saying goes, the more things change they more they stay the same. It suits what's happening with security just perfectly. It's common knowledge that computer security is a problem that affects every business and every individual in some way. Security best practices are available. The rules have been laid down. Why are breaches still occurring?I think to myself, on the surface there's:information systems complexityuntrained IT staffpeople not using ...
Continue Reading... -
07 Sep 2007
How secure is your law firm’s extranet?
Do you work for a law firm that provides a client Web portal that houses extremely sensitive case information (or other similar system that allows a client to manage their own data)? If so, chances are there are weaknesses in the system waiting to be exploited. Be it the commonly-used SharePoint or any other commercial or home-grown system, all it takes for someone with ill intentions to create a problem ...
Continue Reading... -
06 Sep 2007
Is it too much to expect the best?
There's something that's coming up more and more that I'm building a stronger opinion about each year. It's expecting the best of ourselves and others. We're coming to a point in our society where it's inappropriate, offensive, and politically incorrect to demand the best from our ourselves and others in literally every aspect of our personal lives and our careers. This is especially true in our society where those who ...
Continue Reading... -
05 Sep 2007
Why I love testing Web applications
I get the question "What part of security do you like the best?" quite often. The first part of my response is always "security testing". Any given network has lots of weaknesses - regardless of how much it's locked down and I love trying to find and point out all the flaws. [My wife used to say I was really good at pointing out other flaws, but I've since worked ...
Continue Reading... -
05 Sep 2007
Welcome to my new blog!
It's taken some time to put the technology together, but I've finally done it! I'm officially on the blog bandwagon. Still building out some functionality - but the basics are up and running.What I talk about here ties in with my Security On Wheels audio programs. Thanks for checking in and joining me in this adventure. Many security opinions, commentaries, and insights to come!...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
