Here's another thought in the same spirit as my previous post where I talked about sharing out your desktop when using WebEx, GotoMeeting, and the like and then doing stuff that other people probably shouldn't see. I just attended a very unprofessional webcast put on by an otherwise respectable security vendor where a person on their end didn't have her phone muted. I could hear everything she was saying, part of ...
Apparently our Big Government Federal prosecutors here in the U.S. are going to enforce Web site usage policies on behalf of the businesses who post them. According to this story, simply entering bogus information into online services could turn you into a Federal criminal. Wow. I would expect this from some countries, but I suppose, in reality, the U.S. isn't much different than any of the others in trying to ...
With all of the technical sophistication we have, apparently business people still haven't figured out a way to automate the employee monitoring function. According to a new Proofpoint/Forrester Consulting survey, 41% of organizations with 20,000+ employees are *employing* people to monitor outbound email. Are you serious!? We've had automated employee monitoring systems for 10+ years that anyone in HR can manage and companies are paying people to do this ...
Here's an information security article published this week: Security tools that can boost Windows Mobile security. As always, for my past information security content be sure to check out www.principlelogic.com/resources.html. Enjoy!...
Apparently Dave and Buster's (a favorite place of mine for food and fun) is one of the latest security breach "victims". This is a VERY good reason to NOT use debit cards (what consumer guru Clark Howard calls piece of trash fake Visas and fake Mastercards). I never use a debit card at a store or restaurant if it looks like the card scanner is connected directly to a computer. That's ...
A la the $300 billion housing bailout sponsored by the American Taxpayers (can you believe that!), maybe our government can one day bail out all of the irresponsible business managers that refuse to take information security seriously as well..?? Man, can you imagine what $300 billion could do to improve security for the ignorant masses of business goons across this country!? I'm thinking firewalls for everyone. Maybe even new wireless APs ...
Here's an information security article published this week: Integrating source code analysis into your database security measures. As always, for my past information security content be sure to check out www.principlelogic.com/resources.html. Enjoy!...
Here's an interesting story I stumbled across. Didn't seem to get much coverage elsewhere. Apparently people can't even visit our own White House without getting victimized. Man....that train of thought could go in SO many directions. Anyway, the lesson is to not leave your Blackberries, smartphones, and PDAs lying around in your purse, on your desk, or any other conspicuous place where they can be taken. No worries here though, I'm ...
Here's a good read from security analyst/guru Mike Rothman on how penetration testing can help with compliance. The only thing I'd add is that you've gotta do more than traditional "pen testing" as we know it. And you've got to do it periodically and consistently. Not just one time. Use what I call the ethical hacking methodology that combines the best of penetration testing and general vulnerability testing. When seeking reasonable ...
Here's a good read for consultants and people with small businesses on what not to do when dealing with clients. I'll have my own version of these in my upcoming audio program Succeeding as an Independent Consultant. We all make stupid mistakes...the key is whether or not you keep repeating them....