December 17, 2008 4:46 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Compliance,
Data Breaches,
Identity theft,
SecurityIt's been an interesting week in "Breachland," with reports of breaches in all sorts of places: eyewear companies,
November 27, 2008 2:40 AM
Posted by: Arian Eigen Heald
Admins and Auditors,
Compliance,
Data Breaches,
Identity theft,
SecurityThe core requirements for committing the kind of data theft that leads to identity theft are ability, motivation and opportunity.
Ability means having the skills to do the actions required. Start-up costs for data theft are low, with information readily available, computer...
November 25, 2008 2:57 PM
Posted by: Arian Eigen Heald
Compliance,
Data Breaches,
HIPAA,
Identity theft,
IT audit,
PCI DSS,
SecurityThe most significant financial impact of identity theft has yet to be examined. I believe that the risks to business and other institutions now include legal, reputation, financial and compliance risks that cannot be transferred.
Victims of identity theft are looking to recoup their financial...
November 17, 2008 9:42 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Compliance,
Data Breaches,
IT audit,
SecurityI can hear the collective eye-rolling from here. But guess what! New federal regulations are requiring security education from organizations as part of compliance:
SEC regulations for financial institutions http://www.sec.gov/index.htm...
October 6, 2008 8:19 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
AS/400,
Compliance,
IT audit,
Security,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityIBM's system iSeries are some of the most solid server systems around. Formerly (and by some, still called) the AS400, those servers are at the top of the food chain for reliability and stability. DB2, the native database system for iSeries, is as solid as a rock, and powers many of the banking,...
October 2, 2008 7:39 PM
Posted by: Arian Eigen Heald
Compliance,
Security,
Tearing My Hair OutAn interesting new study commissioned by Cisco has just been released.CISCO Study The study focused on the behavior of people in...
September 24, 2008 5:36 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Compliance,
free tools,
IT audit,
Security,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityI just love VBS.
And I love the folks that share their tools, AND give us a nice interface AND allow us to push a report to a .csv file. So a BIG thank-you should go out to Jeffrey Hicks, who has his own site, anjd a helpful
September 19, 2008 7:37 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Compliance,
Database,
Database security,
Development,
IT audit,
Microsoft Windows,
Security,
SQL Server,
Steps to an Easy Audit,
Tools & Tricks of the Trade,
Tools for Auditing and SecuritySQL "Server" runs on top of MS Windows, and it has groups inside of it that are not seen on the Windows server or even the Windows Domain. That's why we have to check and make sure that inappropriate users don't have complete access to everything inside the database. Not everyone should be...
September 16, 2008 5:58 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Compliance,
Database,
Database security,
free tools,
IT audit,
Microsoft Windows,
PCI DSS,
Security,
SOX,
SQL Server,
Steps to an Easy Audit,
Tools for Auditing and SecurityThere's a lot of really nice application tools to audit SQL databases out there. They have lots of bells and whistles and write out a really nice report with professional formatting. If you've got one of those, LUCKY YOU. But most of us Admins and Auditors have to scrounge for what we can find...
