October 23, 2008 4:41 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
DataCenter,
Hardware & InfoSec,
Security,
Tools for Auditing and SecurityThe most secure Data Centers I've seen utilize electronic access cards of some type that have a good reporting mechanism, right down to which door. Of course, these systems don't do you a bit of good if no one looks at the logs, but that seems to be the exception, rather than the rule. Thank...
October 21, 2008 1:58 PM
Posted by: Arian Eigen Heald
Automatic Theft Machines,
Data Breaches,
Hardware & InfoSec,
Security,
WirelessFrom the Wall Street Journal comes the disturbing news that a high-tech wireless "bug" has been found in hundreds of grocery store ATMs in five different European countries. According to WSJ:
Examining...
October 20, 2008 1:06 AM
Posted by: Arian Eigen Heald
Admins and Auditors,
DataCenter,
IT audit,
Security,
Tools & Tricks of the TradeWhen I do an audit, or a penetration test, I start by walking around the building, both inside, outside, and sometimes even on the roof. In my travels, I'll leave my business card where I can gain unauthorized access. How often am I successful? 95% of the time.
I mentally catalog the exterior...
October 10, 2008 2:12 PM
Posted by: Arian Eigen Heald
Automatic Theft Machines,
Data Breaches,
Hardware & InfoSec,
PCI DSS,
SecurityIn a previous post about Automatic Theft Machines I commented on the worrisome rise in skimming with these machines.
Now, to add to our pain, we should be concerned about gas station pumps,...
October 9, 2008 2:00 PM
Posted by: Arian Eigen Heald
Hardware & InfoSec,
SecurityI came across a recent post from the Breach Blog reporting that a U.S. Naval Laboratory employee - the computer administrator - had stolen 19,709 pieces of computer equipment, worth up to $1.6 million.
Did no one see this guy carting...
October 6, 2008 8:19 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
AS/400,
Compliance,
IT audit,
Security,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityIBM's system iSeries are some of the most solid server systems around. Formerly (and by some, still called) the AS400, those servers are at the top of the food chain for reliability and stability. DB2, the native database system for iSeries, is as solid as a rock, and powers many of the banking,...
October 2, 2008 7:39 PM
Posted by: Arian Eigen Heald
Compliance,
Security,
Tearing My Hair OutAn interesting new study commissioned by Cisco has just been released.CISCO Study The study focused on the behavior of people in...
September 29, 2008 9:43 PM
Posted by: Arian Eigen Heald
Data Breaches,
Eigen's Rules of Thumb,
Hardware & InfoSec,
Mobile,
SecurityCell phone companies are tempting us more and more with phones that act as PDAs (Personal Data Accessory??), send and receive email, surf the Web, have bigger capacity to store documents, are music players, cameras and oh, by the way: a phone. And in the coming years some have proposed utilizing...
September 24, 2008 5:36 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Compliance,
free tools,
IT audit,
Security,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityI just love VBS.
And I love the folks that share their tools, AND give us a nice interface AND allow us to push a report to a .csv file. So a BIG thank-you should go out to Jeffrey Hicks, who has his own site, anjd a helpful
