Sister CISA CISSP:

Eigen’s Rules of Thumb


March 6, 2010  3:59 AM

Wyndham’s 3 Breaches in 1 Year = PR Nightmare



Posted by: Arian Eigen Heald
Data Breaches, DataManagement, Eigen's Rules of Thumb, information security, TCM

The Wyndham chain of hotels includes Ramada, Days Inn, Super8, Howard Johnson and Travelodge. None of which I have stayed at in the last year, and frankly, I am really glad. Not one, not two but three breaches have been disclosed to the public by Wyndham management in the last year. Because they...

February 17, 2010  2:58 AM

Beware the “Smoker Door!”



Posted by: Arian Eigen Heald
Adventures in Auditing, Data Center, Eigen's Rules of Thumb, Hardware & InfoSec, information security policy, Penetration testing, Physical Security, Start Laughing Now, Tools & Tricks of the Trade

When doing a physical security audit, there's always the "security by walking around" phase. I find PCs with no screensavers, passwords under keyboards and keys labeled "server room." Consider the cigarette smoker. Every company has them. (Better, by far, than the cigar smokers, in my opinion.)...


February 8, 2010  2:21 PM

More Adventures In Auditing



Posted by: Arian Eigen Heald
Adventures in Auditing, Eigen's Rules of Thumb, Start Laughing Now, Steps to an Easy Audit, TCM (Truly Clueless Management)

Not long ago (needless to say I can't mention time or client name) I was asked by a medium-sized business to investigate some problems they were having with spam, malware, and "weird stuff" on their network. Their network contained at least 200 users spread out over multiple sites. I asked to...


January 29, 2010  4:18 PM

A “Reverse Darwin” Award



Posted by: Arian Eigen Heald
Eigen's Rules of Thumb, information security, Start Laughing Now

A story appeared on Techdirt concerning a woman who has sued Yahoo because her name was linked to an erectile dysfunction drug in search results. How this happened the first time, we really don't know, but now the dark humor...


December 18, 2009  2:30 PM

Second Annual “One More Acronym & I am Going To Scream”



Posted by: Arian Eigen Heald
Eigen's Rules of Thumb, Start Laughing Now, Stupid Technology

From the wilds of South Dakota, it seems like I have too much time to think. Once again, in time for the holiday season, the Ad campaigns (which is where so many of these things ((heck, where ALL of these things)) come from) spread the same acronyms like the "I Love You" virus. Late last night...


November 23, 2009  5:39 PM

Buy Your OWN Automatic Theft Machine



Posted by: Arian Eigen Heald
Automatic Theft Machines, Data Breaches, Eigen's Rules of Thumb, Hardware & InfoSec, Identity theft, Stupid Technology

Is it really a surprise that ATMs can be bought on eBay or Craigslist? Given the amount of...


May 12, 2009  9:46 AM

Security Maxims to Live By



Posted by: Arian Eigen Heald
Admins and Auditors, Eigen's Rules of Thumb, Start Laughing Now, TCM (Truly Clueless Management)

I happened across the Vulnerability Assessment Team website of the Argonne National Laboratory. The Security Manager there has a great sense of humor, and has devised some security maxims much like my


September 29, 2008  9:43 PM

Do You know Where Your Previous Mobile Phone Is?



Posted by: Arian Eigen Heald
Data Breaches, Eigen's Rules of Thumb, Hardware & InfoSec, Mobile, Security

Cell phone companies are tempting us more and more with phones that act as PDAs (Personal Data Accessory??), send and receive email, surf the Web, have bigger capacity to store documents, are music players, cameras and oh, by the way: a phone. And in the coming years some have proposed utilizing...


August 5, 2008  4:46 PM

ATMs – Automated Theft Machines



Posted by: Arian Eigen Heald
Automatic Theft Machines, Eigen's Rules of Thumb, Hardware & InfoSec, Identity theft, Security, Security Devices

It's absolutely fascinating (in a nerve-wracking sort of way) to read about how many different ways there are to use ATMs to capture (and steal) accounts and PIN numbers. From there, it takes very little time to create a fraudulent card and spend what you can before the bank catches up. It's a...


June 3, 2008  3:01 PM

Eigen’s 2008 InfoSecurity “Rules of Thumb”



Posted by: Arian Eigen Heald
Compliance, Eigen's Rules of Thumb, IT audit, Security, Steps to an Easy Audit, Tools & Tricks of the Trade, Tools for Auditing and Security

Rule #1 - You can pay now, or you can pay later, but if you choose to pay later, you will pay MORE. Rule #2 - You can outsource function, but you cannot outsource...
