Securing Security Challenges
By · Comments
Found USB Drive in Parking Lot
By · CommentsI was recently told of a story of an incident that happened a few weeks ago. However, this is not the first time I have heard the tale. An employee is walking through the parking lot and finds a USB stick on the ground. Fearful that it might be important information of a colleague, the employee picks up the stick and takes it back to his office. To determine who is the owner, the employee inserts the drive into his computer and opens up the folders thinking that its contents will identify the owner.
WAM – the entire company’s network is infected with a new virus that the anti-virus program did not recognize.
The dropping of virus seeds in the way of USB drives is a very common attack. Drives are left in corporate lobbies, doctor’s offices, parking lots, restaurants, any place where people gather. The thieves are counting on Good Samaritans to help their follow man or woman.
Employers need to inform their employees of the following procedures:
1. If they find a USB drive never have them put it into their computer
2. They should give the drive to IT to determine what they want to do with it.
3. If there is no IT dept either drob the drive into the garbage or first smash it with a hammer before dropping it into the garbage.
4. Don’t worry that someone will loose important data. They probably have backup and if they don’t they soon will; and if there was confidential data on the device you just saved the company’s customers from a data breach.
Medical ID theft is nothing to sneeze at
By · CommentsBelow is a report from the Smart Card Alliance on Medical Identity Theft. While the info is staggering the walk away points for me is the migration to PHRs, EHRs and HIEs. Security has to start at the very beginning and that is where a secure token and password manager combination work well together.
Medical Identity Theft in Healthcare
Publication Date: March 2010
While identity theft is a global issue that garners much media attention, most do not realize that medical identity theft is a serious and growing threat. Many authorities consider medical identity theft one of the fastest growing crimes in America. With the Read More→
ATT Internet Outage
By · CommentsWe are monitoring what was the cause of the large internet outage yesterday. Don’t know if it was a security attack or some faulty equipment. Eitherway, when was the last time you backed up your website data?
Facebook Privacy Settings
By · Comments“ATTENTION !!!!!!! As of today, there is a NEW PRIVACY setting called “Instant Personalization” that shares data with non-Facebook websites and it is automatically set to “Allow”. Go to Account> Privacy Settings > Applications and Websites > Instant Personalization> Edit Settings, and uncheck “Allow”. BTW if your friends don’t do this, they will be sharing information about you.
How Secure are the Secure Email Programs?
By · CommentsHITECH is the latest requirement to secure HIPAA. And while there are many parts to these regulations, the latest question I have been getting is finding a good secure email and encryption document attachments application. Well, it turned out to be like asking me for a good flavor of ice cream. It really depends on your taste. There are many different ways companies have implemented security.
In the world of secure emails the choice may be based around your preferred communications channel (smart phone, PC, netbook, etc), what is convenient to you, are you more of a cloud person or a PC based email app user, price per user, number of emails that can be sent, and so forth. But the number one perspective you have to have in evaluating any of these different products is how convenient is it to your recipients. I am a firm believer that if you make security cumbersome, then users will always find ways to circumvent security for their own convenience. However, you can’t make something so convenient that security is thrown out the window. It’s a balancing act. Read More→
Email marketing is a waste of time and money
By · CommentsNot for reason you might think. Internet security or the lack there of, has made users suspicious and distrustful to all unsolicited emails. Let’s first take the argument from the personal perspective. We all have been hit with spam in our email accounts. We may have also experiences are own email address being hijacked by email spoofers. All with the intent to get the recipient to click a link or open a file to start the process of identity theft. Read More→
Identity Theft Affects Email Marketing
By · CommentsThe economy, layoffs, fear and everything else that are making people nervous about the future has also lead to a rapid increase in small internet businesses popping up. With today’s tools a person could potentially have a business up and running in hours. However…
Identity theft has raised the bar in blocking access to your new and existing customers using email marketing campaigns. In the past we may have found spam annoying as it filled up our in box, but with phishing, pharming, social media spying, etc. all being used to steal one’s personal information, it’s gotten to the point of customers not opening, blocking and erasing all correspondences (legitimate or not). Hey, better safe than sorry.
All the so-called business cost savings that can be achieved using electronic media may be flying out the window. Aweber, Constant Contact, and others all have great products and these attacks are not their fault. Just realize that their identity has also been stolen: their brand. But as a business owner do you want to pay monthly service fees if all your marking efforts only end up in eTrash.
So, before starting a large, expensive email marketing campaign, determine if your customers will even read or click onto anything you send them. Maybe the new way to keep your customers informed is by creating a blog and posting your information and stories there. This strategy forces your customers to come to you and keeps them in control.
Are You Protecting Your Data With a Screen Door?
By · CommentsWell, you probably heard about the Educational Credit Management Corp (ECMC) data theft on March 21st of a media device that stored the student loan information of 3.3 million individuals. While this theft could be devastating to the individuals – depending on who stole the information and what they do with it – it is already a major expense for ECMC. Here are just a few costs they can expect:
• Bad press
• Government investigations and fines
• Credit monitoring services to the victims
• Law suits and legal services
• New security technologies and policies to implement
• And then, how productive will employees be with all these changes being implemented. Read More→
Technology Companies Must Incorporate Security Engineers
By · CommentsAll technology developing companies must incorporate security engineers before bringing new products to market. Anything less is just plain irresponsible and greedy. It pains me to criticize my fellow technology brethrens, but privacy theft has to be stopped. Read More→
