After all, it's all about me
People are very responsible, making sure they follow all recommendations for keeping themselves safe, until they think they will be deprived of something cool if they do.
Protect laptop traffic in hot-spots and hotels - Part 2
In Part 1 of this two-part series, we explored the necessity of protecting sensitive information flowing across public networks--both wired and wireless. We also looked at a for-fee solution, MegaProxy. In Part 2, we examine a free public network data protection solution, Hotspot Shield from AnchorFree.
Protect laptop traffic in hot-spots and hotels - Part 1
In this series of two posts, I look at two services providing encryption for traffic passing over public networks - MegaProxy (fee-based) and AnchorFree (free). MegaProxy is the topic of Part 1.
The SD WORM card and proper handling of evidence
Preserving electronic evidence is not only a function of the medium used; it also includes basic evidence handling techniques required to preserve evidence integrity.
The one-time credit card that isn't
Not too long ago, I wrote about a great service provided by PayPal--the one-time credit card, Secure Card. I still use the service, and I think its a great addition to my online shopping habit. However, I found out recently that the credit card isn't exactly restricted to a single use.
Finding online security videos
Online video is a great medium for keeping up-to-date on security news, technology, etc. I'm a visual person. Sometimes seeing provides for better cerebral absorption than reading an article. This is one of the reasons I started adding flash videos to some of my blog posts. However, finding a single security video aggregation site isn't easy.
Nice try, but I'm not buying it...
So a backup tape was stolen, no equipment was taken, nothing else appeared to be disturbed, and we're supposed to believe the thief wasn't after the data on the tape. In other words, the tape was taken without any idea how to retrieve the data. Maybe it was taken to serve as a paperweight.
Find stolen laptops with open-source Adeona
Several services, including LoJack, have released for-fee laptop recovery services. When a user becomes a victim, he or she notifies the service. The service checks to see if the stolen laptop has recently connected to the Internet, captures the connection location's IP address, and notifies law enforcement. A new open-source solution, from the University of California, San Diego, called Adeona, provides a no-frills alternative.
Investment firm security breach: Ignorance or negligence
I often wonder when security incidents like this occur whether anyone is actually listening to the security community. If this investment company was aware of how to prevent employee-caused breaches, then maybe this breach should be attributed to simple negligence.
Media disposal must include sanitation
Media sanitation isn't a critical step when all sensitive information is encrypted, but releasing unencrypted systems to the public can have the same consequences as posting it on the Web.
Surprise! Users ignore security policies.
If users still don't understand their role in protecting information, and if they regularly perform actions that violate policy, what steps has management taken to change attitudes and habits?
Best Security Tools: Secunia PSI
Scanning desktop and laptop images to make sure all security patches are applied is not always easy. Especially when applications from a variety of vendors are installed. Secunia PSI, a free download, can help.
Management's right to employee communication: There are limits
The courts have consistently upheld business rights to information stored on company-owned information assets, including email and other messaging media. There were limits, like restricting data retrieval to items actually related to business transactions or relavant to an ongoing investigation. Now, however, a U.S. Federal court has placed messages sent via contracted services within the scope of employee expectation of privacy.
Best Security Tools: Free online Web utilities
Have you ever needed to PING a host, trace a Web route, or see what information you're exposing to the Internet without having to reconfigure the security on your perimeter devices? Have you tired of having to call your managed security services provider to let them know it's you creating the anomalous behavior, not an attacker? Then maybe you should check out one of the free, online Web services providers.
Protect your email address from spammers, help digitize books
In addition to providing a free, downloadable CAPTCHA solution for Web developers, the site also offers a way to protect your contact email address used on your Web site.
name: MAGPIE