• 17 Dec 2009

    “Top Blogs” list & some home security considerations

    I think I may have found the first sign that my blog is growing and gaining some traction. I've made it to the Top 20 Home Security Bloggers list. Many thanks to Adrienne Carlson for this. There are some other interesting blogs on her list so check it out. Speaking of home security here's something to consider while home with your family over the holidays. Many believe we have a "right" ...

  • 16 Dec 2009

    How Tiger Woods’ marriage is like risk management

    In the seemingly unavoidable media drone tirades hammering Tiger Woods and his marital situation I realized the tie-ins that such high-profile marriages have with what we do in the information security field. It boils down to two things: (1) It's all about the money; (2) The focus going in is on who can get the most out of it - "what's in it for me?" We see this all the time when it comes to ...

  • 03 Dec 2009

    Another file/folder security option

    One of the biggest vulnerabilities I come across in my security assessments is sensitive information scattered about unprotected drives/shares. Solutions to this dilemma include locating/classifying different information types, locking down shares and file permissions, and encrypting information on mobile devices. If the latter option interests you there's a new company I stumbled across called New Softwares.net that sells very reasonably-priced software that can help. I haven't tried it out yet ...

  • 01 Dec 2009

    Funny thing about notices of privacy practices

    I just received a "notice of insurance information practices" from my health insurance provider that says something to the effect of: "ALL INFORMATION CONFIDENTIAL. We're required by law to keep your information confidential. It will be seen only by our employees and authorized business associates." Really? Pretty gutsy statement from any business but especially one who's already been listed on the Chronology of Data Breaches....

  • 20 Nov 2009

    I need your help *today* Friday Nov 20th

    You may already be aware of TechTarget's IT Knowledge Exchange. It's a great place to ask questions and/or establish yourself as an expert. Anyway, I just realized that today's the last day to nominate another member [subliminal message]Kevin Beaver[/subliminal message] for their Panasonic 42" TV giveaway. Someone you know [subliminal message]Kevin Beaver[/subliminal message] is in the running and could really use your help. So what's in it for you? When you nominate ...

  • 20 Nov 2009

    “Computer glitch” always to blame for someone’s bad choices

    Here's my two cents on the people failure - I mean "computer glitch" - at Atlanta's Hartsfield airport yesterday. Gotta blame something... Hartsfield outage: "Computer glitch" or FAA "people failure"?...

  • 19 Nov 2009

    I could’ve sworn we had this thing called HIPAA

    Remember way back in April of 2005 when the HIPAA Security Rule went into effect? Well apparently some healthcare providers didn't get the memo. Big blow to Health Net. So, no reasonable security controls to meet the HIPAA requirements much less no encryption of mobile storage devices? Seriously people: what is it going to take to encrypt mobile drives!!?? I'm not a fan of BitLocker in the enterprise and not sure how ...

  • 16 Nov 2009

    So, certification is what’s best for your career, huh?

    Per Microsoft Learning's director: "We see the trend increasing that individuals are making the decision that what is best for their careers is to be certified"... Completely disagree. Read the news column... Can you see the hidden message? Here's what's best for your information security career...substance, not certification. Ooh, maybe I should trademark that. ;-)...

  • 16 Nov 2009

    BitLocker and Windows 7 – Things you need to consider

    I was recently asked to write a whitepaper on considerations for BitLocker in Windows 7. While doing my initial research I learned a lot about BitLocker and discovered some new ideas and approaches for managing sensitive data. In this whitepaper I cover: Why data encryption matters; BitLocker’s new features in Windows 7; Operational concerns you need to think about; Usability issues that can create problems; Potential compliance and security gaps you don’t want to overlook; …and ...

  • 11 Nov 2009

    Responsibility becoming a thing of the past?

    Here's a great post from Neal Boortz regarding holding people responsible for their choices. It's very simple to blame something inanimate instead of fixing the real problems. Like blaming malware for security breaches... Practically everything in life and business can be traced back to choice - that's why we have to use it wisely....
