-
21 May 2008Don’t do this to yourself (and your company) in online meetings
Here's another thought in the same spirit as my previous post where I talked about sharing out your desktop when using WebEx, GotoMeeting, and the like and then doing stuff that other people probably shouldn't see.I just attended a very unprofessional webcast put on by an otherwise respectable security vendor where a person on their end didn't have her phone muted. I could hear everything she was saying, part of ...
Continue Reading... -
21 May 2008
Ridiculous government intrusion – Go ahead, cuff me & take me away
Apparently our Big Government Federal prosecutors here in the U.S. are going to enforce Web site usage policies on behalf on the businesses who post them. According to this story, simply entering bogus information into online services could turn you into a Federal criminal. Wow. I would expect this from some countries, but I suppose, in reality, the U.S. isn't much different than any of the others in trying to ...
Continue Reading... -
20 May 2008
Manually monitoring email? What’s up with that!?
With all of the technical sophistication we have, apparently business people still haven't figured out a way to automate the employee monitoring function. According to a new Proofpoint/Forrester Consulting survey, 41% of organizations companies with 20,000+ employees are *employing* people to monitor outbound email. Are you serious!? We've had automated employee monitoring systems for 10+ years that anyone in HR can manage and companies are paying people to do this ...
Continue Reading... -
16 May 2008
My security content from this week
Here's an information security article published this week:Security tools that can boost Windows Mobile security As always, for my past information security content be sure to check out www.principlelogic.com/resources.html.Enjoy!...
Continue Reading... -
14 May 2008
Interesting breach making the headlines
Apparently Dave and Buster's (a favorite place of mine for food and fun) is one of the latest security breach "victims". This is a VERY good reason to NOT use debit cards (what consumer guru Clark Howard calls piece of trash fake Visas and fake Mastercards).I never use a debit card at a store or restaurant if it looks like the card scanner is connected directly to a computer. That's ...
Continue Reading... -
13 May 2008
Forthcoming information security bailout?
A la the $300 billion housing bailout sponsored by the American Taxpayers (can you believe that!), maybe our government can one day bail out all of the irresponsible business managers that refuse to take information security seriously as well..??Man, can you imagine what $300 billion could do to improve security for the ignorant masses of business goons across this country!? I'm thinking firewalls for everyone. Maybe even new wireless APs ...
Continue Reading... -
09 May 2008
My security content from this week
Here's an information security article published this week:Integrating source code analysis into your database security measures As always, for my past information security content be sure to check out www.principlelogic.com/resources.html.Enjoy!...
Continue Reading... -
09 May 2008
Why you need to protect your Blackberries – even in ‘secure’ locations
Here's an interesting story I stumbled across. Didn't seem to get much coverage elsewhere. Apparently people can't even visit our own White House without getting victimized. Man....that train of thought could go in SO many directions. Anyway, the lesson is to not leave your Blackberries, smartphones, and PDAs lying around in your purse, on your desk, or any other conspicuous place where they can be taken.No worries here though, I'm ...
Continue Reading... -
08 May 2008
Good read on penetration testing helping compliance
Here's a good read from security analyst/guru Mike Rothman on how penetration testing can help with compliance.The only thing I'd add is that you've gotta do more than traditional "pen testing" as we know it. And you've got to do it periodically and consistently. Not just one time. Use what I call the ethical hacking methodology that combines the best of penetration testing and general vulnerability testing. When seeking reasonable ...
Continue Reading... -
07 May 2008
Work for yourself? Check out these gotchas when dealing with clients
Here's a good read for consultants and people with small businesses on what not to do when dealing with clients.I'll have my own version of these in my upcoming audio program Succeeding as an Independent Consultant. We all make stupid mistakes...the key is whether or not you keep repeating them....
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
