Sister CISA CISSP:

Data Center

1

September 23, 2010  1:16 PM

More on Cell Phone Location Data – Apple Logs Everything



Posted by: Arian Eigen Heald
ce, Data Center, Hardware & InfoSec, mobile phone security, Privacy, privacy on the web

If the C-level and Board members of your company are concerned about the privacy and security of their business and personal data, you might want to educate them about the privacy policy of a very frequently used mobile device: the iPhone. According to this

August 31, 2010  6:23 PM

From the Council of Gov’t CIOs to the Feds: Address the Risks of Cloud Computing



Posted by: Arian Eigen Heald
cloud computing, Cloud Security, Data Center, information security, Privacy, privacy on the web

Last week the Chief Information Officers Council, a government body established by legislation in 1996, comes a Privacy Recommendations Paper from the Council to all government departments and agencies. So this paper carries a little extra...


May 21, 2010  3:18 PM

First Dance in the Cloud



Posted by: Arian Eigen Heald
cloud computing, Cloud Security, Data Breaches, Data Center

Well, it finally happened: I got asked to audit information that is stored in a cloud by a third-party vendor. I've acquired the controls, such as password polices, presented in a browser to my client. Several questions came immediately to mind: 1. Given that web browsers are still...


February 17, 2010  2:58 AM

Beware the “Smoker Door!”



Posted by: Arian Eigen Heald
Adventures in Auditing, Data Center, Eigen's Rules of Thumb, Hardware & InfoSec, information security policy, Penetration testing, Physical Security, Start Laughing Now, Tools & Tricks of the Trade

When doing a physical security audit, there's always the "security by walking around" phase. I find PCs with no screensavers, passwords under keyboards and keys labeled "server room." Consider the cigarette smoker. Every company has them. (Better, by far, than the cigar smokers, in my opinion.)...


November 5, 2009  4:52 PM

A Not-So-Great Use of Cloud Computing



Posted by: Arian Eigen Heald
cloud computing, Cloud Security, Data Breaches, Data Center, data security, information security

As I'm sure you know, I'm not yet a big fan of "cloud computing," known by various acronyms. I have yet to see a really comprehensive approach to audit and security. Ultimately, you don't know where your data is in the "cloud." And the Feds have access to it without a warrant. So you...


May 6, 2009  5:30 PM

Watching Your Data Evaporate in the Cloud



Posted by: Arian Eigen Heald
"How Do You Know?", cloud computing, Compliance, Data Center

"Cloud" computing continues to beat the drum of "cutting costs." Although I must say that I am hard put to differentiate between "cloud computing" and data centers that host hardware, the emphasis seems to be on shared server resources and supposedly quick turnaround for new applications. In my...


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: