Sister CISA CISSP:

January 1, 2010  1:47 AM

Better Late Than Never…..



Posted by: Arian Eigen Heald
ACH Fraud, Banking Fraud, Data Breaches, data security, information security, Tearing My Hair Out

The Federal authorities and the American Banking Association have issued an alert to small and medium-sized businesses to use a dedicated PC for banking. "The alert advises businesses to dedicate a single computer for online banking activity that is never used for reading e-mail or surfing...

December 29, 2009  7:58 PM

Just in Time for the Holidays…..



Posted by: Arian Eigen Heald
Automatic Theft Machines, cloud computing, Cloud Security, information security, SQL Injection, Start Laughing Now, TCM (Truly Clueless Management)

There are a bunch of year end studies coming out, predicting various sorts of rises and decreases in criminal activity on the Internet. ("cybercriminal" sounds way too glamorous for me.) So I thought I'd offer up, in the spirit of the season, my two cents: Under the Category of Bad...


December 22, 2009  7:09 PM

The Forest or The Trees – Part 2



Posted by: Arian Eigen Heald
Admins and Auditors, Tearing My Hair Out

In a previous article, I talked about the issues faced by IT Security and financial auditors, in trying to come together. Financial auditors only care about financial systems and...


December 4, 2009  10:46 PM

The Forest or The Trees; Why Can’t We Have Both?



Posted by: Arian Eigen Heald
Admins and Auditors, Tearing My Hair Out

It often seems as if IT Security and auditors will never meet in the middle. As a person with one foot in either side of the fence, I'm often amazed how two groups with fundamentally the same goals can't seem to agree. Usually, when this happens, I'm an auditor sitting with IT Security people,...


November 30, 2009  8:17 PM

Consensus Audit Controls Released – That are Actually Useful!



Posted by: Arian Eigen Heald
Admins and Auditors, Tools for Auditing and Security

If you're like me, if you see/or hear about one more "set of controls," "baselines," "standards" or "frameworks," you'll tear your hair out. And scream For my money, the


November 23, 2009  5:39 PM

Buy Your OWN Automatic Theft Machine



Posted by: Arian Eigen Heald
Automatic Theft Machines, Data Breaches, Eigen's Rules of Thumb, Hardware & InfoSec, Identity theft, Stupid Technology

Is it really a surprise that ATMs can be bought on eBay or Craigslist? Given the amount of...


November 13, 2009  9:49 PM

You Can’t Outsource Reputation



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, TCM (Truly Clueless Management)

Reviewing yet another data breach in the news, I was struck by the phraseology of the news report. Specifically, the article on MassMutual brought a point to mind that I keep using with companies and...


November 5, 2009  4:52 PM

A Not-So-Great Use of Cloud Computing



Posted by: Arian Eigen Heald
cloud computing, Cloud Security, Data Breaches, Data Center, data security, information security

As I'm sure you know, I'm not yet a big fan of "cloud computing," known by various acronyms. I have yet to see a really comprehensive approach to audit and security. Ultimately, you don't know where your data is in the "cloud." And the Feds have access to it without a warrant. So you...


October 30, 2009  12:53 AM

When a “Fix” is Not a Fix – The Fix is In



Posted by: Arian Eigen Heald
Data Breaches, Hardware & InfoSec, information security, Stupid Technology, TCM (Truly Clueless Management), Tearing My Hair Out, Wireless

In my previous post, I discussed the Time Warner/SMC modem enormous security flaw. Lo and behold, I am visited and left a comment by "Adam Wood" defending SMC,...


October 21, 2009  6:52 PM

Using Time-Warner as Your Internet Provider? Check Your Modem QUICKLY



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, Stupid Technology, Tearing My Hair Out, Wireless

As of 10/20/09, a software maven has written of a major security hole (one you can drive a TRUCK through) in the wifi/cable modem models issued to customers who don't want to use their own equipment. Here's the link, in all its details, by David Chen,...

