Archive for Computer & Network Security
Securing Security Challenges
Posted by: | Comments
Found USB Drive in Parking Lot
Posted by: | CommentsI was recently told of a story of an incident that happened a few weeks ago. However, this is not the first time I have heard the tale. An employee is walking through the parking lot and finds a USB stick on the ground. Fearful that it might be important information of a colleague, the employee picks up the stick and takes it back to his office. To determine who is the owner, the employee inserts the drive into his computer and opens up the folders thinking that its contents will identify the owner.
WAM – the entire company’s network is infected with a new virus that the anti-virus program did not recognize.
The dropping of virus seeds in the way of USB drives is a very common attack. Drives are left in corporate lobbies, doctor’s offices, parking lots, restaurants, any place where people gather. The thieves are counting on Good Samaritans to help their follow man or woman.
Employers need to inform their employees of the following procedures:
1. If they find a USB drive never have them put it into their computer
2. They should give the drive to IT to determine what they want to do with it.
3. If there is no IT dept either drob the drive into the garbage or first smash it with a hammer before dropping it into the garbage.
4. Don’t worry that someone will loose important data. They probably have backup and if they don’t they soon will; and if there was confidential data on the device you just saved the company’s customers from a data breach.
Medical ID theft is nothing to sneeze at
Posted by: | CommentsBelow is a report from the Smart Card Alliance on Medical Identity Theft. While the info is staggering the walk away points for me is the migration to PHRs, EHRs and HIEs. Security has to start at the very beginning and that is where a secure token and password manager combination work well together.
Medical Identity Theft in Healthcare
Publication Date: March 2010
While identity theft is a global issue that garners much media attention, most do not realize that medical identity theft is a serious and growing threat. Many authorities consider medical identity theft one of the fastest growing crimes in America. With the Read More→
Facebook Privacy Settings
Posted by: | Comments“ATTENTION !!!!!!! As of today, there is a NEW PRIVACY setting called “Instant Personalization” that shares data with non-Facebook websites and it is automatically set to “Allow”. Go to Account> Privacy Settings > Applications and Websites > Instant Personalization> Edit Settings, and uncheck “Allow”. BTW if your friends don’t do this, they will be sharing information about you.
How Secure are the Secure Email Programs?
Posted by: | CommentsHITECH is the latest requirement to secure HIPAA. And while there are many parts to these regulations, the latest question I have been getting is finding a good secure email and encryption document attachments application. Well, it turned out to be like asking me for a good flavor of ice cream. It really depends on your taste. There are many different ways companies have implemented security.
In the world of secure emails the choice may be based around your preferred communications channel (smart phone, PC, netbook, etc), what is convenient to you, are you more of a cloud person or a PC based email app user, price per user, number of emails that can be sent, and so forth. But the number one perspective you have to have in evaluating any of these different products is how convenient is it to your recipients. I am a firm believer that if you make security cumbersome, then users will always find ways to circumvent security for their own convenience. However, you can’t make something so convenient that security is thrown out the window. It’s a balancing act. Read More→
Identity Theft Affects Email Marketing
Posted by: | CommentsThe economy, layoffs, fear and everything else that are making people nervous about the future has also lead to a rapid increase in small internet businesses popping up. With today’s tools a person could potentially have a business up and running in hours. However…
Identity theft has raised the bar in blocking access to your new and existing customers using email marketing campaigns. In the past we may have found spam annoying as it filled up our in box, but with phishing, pharming, social media spying, etc. all being used to steal one’s personal information, it’s gotten to the point of customers not opening, blocking and erasing all correspondences (legitimate or not). Hey, better safe than sorry.
All the so-called business cost savings that can be achieved using electronic media may be flying out the window. Aweber, Constant Contact, and others all have great products and these attacks are not their fault. Just realize that their identity has also been stolen: their brand. But as a business owner do you want to pay monthly service fees if all your marking efforts only end up in eTrash.
So, before starting a large, expensive email marketing campaign, determine if your customers will even read or click onto anything you send them. Maybe the new way to keep your customers informed is by creating a blog and posting your information and stories there. This strategy forces your customers to come to you and keeps them in control.
Technology Companies Must Incorporate Security Engineers
Posted by: | CommentsAll technology developing companies must incorporate security engineers before bringing new products to market. Anything less is just plain irresponsible and greedy. It pains me to criticize my fellow technology brethrens, but privacy theft has to be stopped. Read More→
Amazon / Google Spam
Posted by: | CommentsBut it looks like an Amazon ad. It’s Not!
Beware of a email that looks like an product selection or monthly deal from Amazon. There are many places to click to see pictures, unsubscribe, etc. It is spam to get access to your computer.
Businesses today are using more online shopping carts and online marketing services to inform customers about their products. As spammers start coping the look and feel of your emails then they cause everyone to erase anything that come electronically from any company. Legitimateor not. I can’t tell you how many deals I have been offered by companies simply because I don’t trust the email. And some of these deals were legit.
So if you do use auto-responders only use ones from reputable companies.
Individuals, if in doubt always check the links by hovering you mouse over it and reading the URLdata. If it does no look right, don’t click. If by chance you have, be sure you have a strong anti-virus program so block access and protect your computer and data.
The Cloud Goes Green, but is it Secure?
Posted by: | CommentsRecently I received an invite to a webinar discussing how companies are transforming their business by using more cloud-like infrastructure. The argument is that it saves the company’s enery and reduces their carbon footprint.
While I am not here to dispute these claims, I do warn any company that migrates to more cloud infrastructure to make security of the data paramount in their plan. Especially with the many state and federal privacy protection laws on the books. As been blogged about before, the average cost on a company from a data breach in 2009 was $6.7 million per incident. Read More→
It’s 10pm, do you know where your PII is?
Posted by: | CommentsThe federal government recently published a guide on protection Personal Identifiable Information (PII). There are two aspects to PII that every company must be aware of:
1) What information information is considered confidential, &
2) Where this information is stored in the company. Read More→
