Sister CISA CISSP:

Data Breaches


March 17, 2010  8:26 PM

What Constitutes “A Lot of Money?”



Posted by: Arian Eigen Heald
Data Breaches, data security, information security

There's always a lot of discussion on the Internet about how much "security" (by which they usually mean IT security) costs, and whether it's a good ROI. (Return on Investment - another candidate for Acronym dismemberment.) There's a lot of factors to consider, but for small to medium sized...

March 12, 2010  12:59 PM

Update on Wyndham Hotel Breaches – “Only 37″



Posted by: Arian Eigen Heald
Data Breaches, data security, information security

Comes the latest news via CSOOnline: Wyndham Hotels and Resorts experienced a computer security incident in late 2009. As a result of that incident, an unauthorized user may have gained access to credit card...


March 6, 2010  3:59 AM

Wyndham’s 3 Breaches in 1 Year = PR Nightmare



Posted by: Arian Eigen Heald
Data Breaches, DataManagement, Eigen's Rules of Thumb, information security, TCM

The Wyndham chain of hotels includes Ramada, Days Inn, Super8, Howard Johnson and Travelodge. None of which I have stayed at in the last year, and frankly, I am really glad. Not one, not two but three breaches have been disclosed to the public by Wyndham management in the last year. Because they...


March 2, 2010  6:18 PM

I.E. Help Files and F1 Function Key = Vulnerability



Posted by: Arian Eigen Heald
Data Breaches, Heads Up, information security, programming

A new alert came out from Microsoft on March 1st. When a user is online with Internet Explorer, they have to press the F1 function key when a pop-up is displayed. Not that users commonly use this key in IE, but some...


February 26, 2010  7:25 PM

Health Care Breaches and Third Party Associates



Posted by: Arian Eigen Heald
Data Breaches, DataManagement, Identity theft, information security, information security policy, medical identity theft

The Department of Health and Human Services has posted a list of the covered entities, (i.e., those that come under HIPAA regulations) that have reported health information data breaches...


February 25, 2010  6:39 PM

Universities and Colleges Are Being Hammered



Posted by: Arian Eigen Heald
Data Breaches, data security, Database security, information security

I've visited any number of schools, higher education and universities in the last five years that have been suffering from the "Open Campus" syndrome. Fundamentally, it's an attitude on the part of students, teachers/professors and management that their environment won't be "really" damaged by...


February 15, 2010  6:33 PM

Quantum Shifts in 2009



Posted by: Arian Eigen Heald
Data Breaches, Digital Forensics, Forensics, information security, Stupid Technology

I'm sure you've noticed the usual plethora of "studies" about 2009 erupting from various security vendors. Some are good, some are barely concealed pitches for product. Looking over about a dozen of the above, I gleaned some significant facts that might be useful to both admins and...


February 10, 2010  7:47 PM

Printers & Copiers & Data Theft, Oh My



Posted by: Arian Eigen Heald
Data Breaches, data security, Hardware & InfoSec

It's worthwhile to consider the printers, copiers and scanners (or all 3 together - multi-function devices) on your network. How many of your printers allow open access? Open ports? Can I telnet to your printers? Why worry? Why bother? Well, if you google


January 21, 2010  5:36 PM

The Chinese Hack, Nasty Exploit & What You Can Do



Posted by: Arian Eigen Heald
Data Breaches, information security, IT Security

I'm sure you've heard about the Chinese hack into Google, and there's some interesting goings-on behind the scenes to identify and fix the hack,...


January 1, 2010  1:47 AM

Better Late Than Never…..



Posted by: Arian Eigen Heald
ACH Fraud, Banking Fraud, Data Breaches, data security, information security, Tearing My Hair Out

The Federal authorities and the American Banking Association have issued an alert to small and medium-sized businesses to use a dedicated PC for banking. "The alert advises businesses to dedicate a single computer for online banking activity that is never used for reading e-mail or surfing...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: