September 27, 2010  4:24 PM

“Free” USB Drive Calls Home

Posted by: Arian Eigen Heald
Data Breaches, Hardware & InfoSec, information security, Privacy

At a conference I attended not long ago, part of the conference package I received was a "free" USB drive from one of the vendors. Every attendee received one of the drives. Being the information security person that I am, "free" USB drives make me wary. Marketers also make me wary. So, I looked...

September 23, 2010  1:16 PM

More on Cell Phone Location Data – Apple Logs Everything

Posted by: Arian Eigen Heald
ce, Data Center, Hardware & InfoSec, mobile phone security, Privacy, privacy on the web

If the C-level and Board members of your company are concerned about the privacy and security of their business and personal data, you might want to educate them about the privacy policy of a very frequently used mobile device: the iPhone. According to this

August 31, 2010  6:23 PM

From the Council of Gov’t CIOs to the Feds: Address the Risks of Cloud Computing

Posted by: Arian Eigen Heald
cloud computing, Cloud Security, Data Center, information security, Privacy, privacy on the web

Last week the Chief Information Officers Council, a government body established by legislation in 1996, comes a Privacy Recommendations Paper from the Council to all government departments and agencies. So this paper carries a little extra...

August 26, 2010  1:33 AM

Smart Phone Photographs Can Expose Much More than The Picture

Posted by: Arian Eigen Heald
data security, Privacy, privacy on the web

Would you publish a digital photograph from your smart phone on the Internet if it could tell everyone where you lived, or where you were when you took it? Unless GPS capability is specifically turned off (for phones that have it - think iPhone, Palm and Blackberry) photographs that are posted...

August 20, 2010  8:34 PM

Myths About Reputation Risk

Posted by: Arian Eigen Heald
Data Breaches, data security, Privacy

I received some entertaining feedback on my previous blog, so I thought I'd share some of the comments I've heard over the last few years about business reputations: 1. "My data is outsourced (hosted, in the cloud, etc) at a third party company. If they lose my data, or get broken into, it's...

February 19, 2010  5:23 PM

Not the Kind of “Buzz” Google Wants – Check Your Gmail

Posted by: Arian Eigen Heald
information security, Privacy, privacy on the web, TCM (Truly Clueless Management)

About ten days ago, a splash page appeared when I went to log into my Gmail, indicating I could click the button labeled “Sweet! Check out Buzz” or “Nah, go to my inbox." I just said "Nah" and went to my inbox, thinking no more about it. Sometime later, I noticed a little icon at the top of...

October 2, 2009  3:35 PM

Your Electric Utility and The Privacy Impact

Posted by: Arian Eigen Heald
Data Breaches, information security, Privacy

You wouldn't think that the power meter in your basement could have anything significant to say about you, personally, would you? Well, you (and I) would be wrong, very wrong, on that point. We tend to have the mindset that only computers store and transport personal information, but there are...

June 22, 2009  5:32 PM

Google Thyself

Posted by: Arian Eigen Heald
Google hacking, Identity theft, Privacy, privacy on the web

I have a series of Google Alerts set up to alert me daily on such interesting topics as data theft, data breach, etc., etc., and I have one set up for my full name, or any two parts thereof. I have, as it happens, a very unique name, and should someone...

June 15, 2009  12:23 PM

Web Bugs and Email

Posted by: Arian Eigen Heald
HTML email security, information security, Privacy, privacy on the web, web bugs

I'm a big advocate of disabling HTML in email messages. The marketing people scream because they can't run their pretty code to sell products and convey appealing images. Other folks love being able to use those nice fonts you can't use with Rich Text for signatures. But a pretty face can't...

June 11, 2009  2:50 PM

Storm Clouds Ahead

Posted by: Arian Eigen Heald
Admins and Auditors, cloud computing, Cloud Security, PCI, Privacy

It seems like every big vendor is pushing for business to "use the cloud." Only now are we starting to see some questions arise in the general media about how secure cloud computing is. The short answer is: it's not. Intrinsically, whoever has physical ownership of your hardware has your data....

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: