Sister CISA CISSP:

data security


August 26, 2010  1:33 AM

Smart Phone Photographs Can Expose Much More than The Picture



Posted by: Arian Eigen Heald
data security, Privacy, privacy on the web

Would you publish a digital photograph from your smart phone on the Internet if it could tell everyone where you lived, or where you were when you took it? Unless GPS capability is specifically turned off (for phones that have it - think iPhone, Palm and Blackberry) photographs that are posted...

August 20, 2010  8:34 PM

Myths About Reputation Risk



Posted by: Arian Eigen Heald
Data Breaches, data security, Privacy

I received some entertaining feedback on my previous blog, so I thought I'd share some of the comments I've heard over the last few years about business reputations: 1. "My data is outsourced (hosted, in the cloud, etc) at a third party company. If they lose my data, or get broken into, it's...


June 14, 2010  3:42 PM

Where IS the Data, Exactly?



Posted by: Arian Eigen Heald
Adventures in Auditing, cloud computing, Cloud Security, data security

After a nice vacation in the north woods of Maine, I returned to the excitement of my first "cloud computing" audit event. In doing a SAS 70 for a client, I discovered that they had outsourced a new application. No news there. When data is hosted by the provider, along with the application, all...


May 5, 2010  7:29 PM

Fighting A Trojan – Part 1



Posted by: Arian Eigen Heald
data security, malware management

Last week I came up against a piece of malware that is still "eating my lunch." And I don't know where I got it. I was researching a DNS problem I have, going through Google and reviewing various topics. So I can tell you somewhat where I went, but I got too busy too fast to identify the website...


April 20, 2010  3:26 PM

The Only Way Out is Through



Posted by: Arian Eigen Heald
Admins and Auditors, data security

Nobody "likes" government regulations. But imagine what it would be like to live without them. What if there were no banking regulations - who would check to see if my money was safe? The bank? I've worked in banks. The answer would be "no." Not without oversight. Banks have internal auditors,...


April 15, 2010  6:49 PM

Adobe Reader at the Forefront of Malware Delivery



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, malware management

Statistics from a new study by F-Secure indicate that Adobe Reader has surpassed Microsoft Office products as a vector for malware delivery in 2009. F-Secure has also pointed out that you can embed movies and songs, JavaScript, and...


April 7, 2010  3:16 PM

A Free Tool Both Admins and Auditors Will Like



Posted by: Arian Eigen Heald
Admins and Auditors, data security, free tools, information security

For an admin, making the auditor happy is NOT the goal in life. It's to keep things running, squeeze in improvements, implement new products and do it with a work force that is always too small. For an auditor, getting information to build a complete report, with all the test information, means...


March 17, 2010  8:26 PM

What Constitutes “A Lot of Money?”



Posted by: Arian Eigen Heald
Data Breaches, data security, information security

There's always a lot of discussion on the Internet about how much "security" (by which they usually mean IT security) costs, and whether it's a good ROI. (Return on Investment - another candidate for Acronym dismemberment.) There's a lot of factors to consider, but for small to medium sized...


March 12, 2010  12:59 PM

Update on Wyndham Hotel Breaches – “Only 37”



Posted by: Arian Eigen Heald
Data Breaches, data security, information security

Comes the latest news via CSOOnline: Wyndham Hotels and Resorts experienced a computer security incident in late 2009. As a result of that incident, an unauthorized user may have gained access to credit card...


February 25, 2010  6:39 PM

Universities and Colleges Are Being Hammered



Posted by: Arian Eigen Heald
Data Breaches, data security, Database security, information security

I've visited any number of schools, higher education and universities in the last five years that have been suffering from the "Open Campus" syndrome. Fundamentally, it's an attitude on the part of students, teachers/professors and management that their environment won't be "really" damaged by...

