d.strom, cissp, gsec, gsna on July 23rd, 2010

I checked my email yesterday morning and was greeted with these three headlines: Employee at Maryland state agency posts client information online Sensitive database compromised at Buena Vista University Hospital: files with personal, medical data on 800,000 gone Whether a state agency, hospital or university, the issues are the same. Confidential information must remain confidential [...]

Continue reading about Must. Be. Diligent. Always.

d.strom, cissp, gsec, gsna on June 1st, 2010

We can’t let employees use an Android phone. It’s not enterprise-ready! A Mac? We don’t use those. Flash drives are not allowed here! We have all heard arguments like that. For as long as I’ve been active with information security, there has been tension between non-InfoSec folks and technology users. Users perspective – The tools [...]

Continue reading about Usability vs Security

d.strom, cissp, gsec, gsna on July 17th, 2009

Twitter hacked by old technique — again by AP: Yahoo! Tech This article came out yesterday. The short description is that a compromised personal email account led to a compromise at Twitter. Although the article is written with the focus on Twitter, this can just as easily happen to you and your organization. Tip: Keep [...]

Continue reading about InfoSec Tip: Keep Personal Separate From Work

d.strom, cissp, gsec, gsna on January 4th, 2009

A couple of posts ago, we began the End of Year Cleanup discussion. In that post, I encouraged you to ask the question “Where are we?” with regard to information security within your organization. Now, we must address the question “Where do we want to be? Over the years I’ve had several people express that [...]

Continue reading about End of Year Cleanup, Part 2

d.strom, cissp, gsec, gsna on October 6th, 2008

Many companies and individuals filter their connection to the Internet. Many others allow wide-open, unfiltered access to whatever their ISP provides. While there may be some good reasons to have unfiltered access in some settings, it is wise to consider applying some filtering to the Internet connection. Consideration should be given to these issues: Policing [...]

Continue reading about Why filter your Internet connection?