Sister CISA CISSP:

Tearing My Hair Out


January 8, 2009  6:10 PM

First GROAN of the New Year



Posted by: Arian Eigen Heald
Security, Tearing My Hair Out

I was doing an audit today (I know, the term "audit" should only be used in connection with a financial exam, but everybody but Public Accountants use it this way) and examining the users inside a SQL database that holds one heck of a lot. I wish more IT Auditors would start looking inside...

January 1, 2009  4:40 AM

Picture This….with a Free Virus!



Posted by: Arian Eigen Heald
Security, TCM (Truly Clueless Management), Tearing My Hair Out

From Slashdot comes the painfully unsurprising news about digital picture frames. The software installation CD comes with a virus, W32.Sality.AE worm. WalMart and Amazon sold these items during the Christmas...


December 24, 2008  7:14 PM

Getting What You Pay For…..2008



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, Database security, HIPAA, IT audit, SAS 70, Security, Tearing My Hair Out

In my travels as an auditor this year, I've visited 15 states and seen approximately 20 different networks, both LAN and WAN. I've audited hospitals, lotteries, racetracks, banks, small businesses, large online retailers, metal fabricators, telco service bureaus and health care service...


December 20, 2008  2:11 AM

Thank you, Federal Trade Commission…



Posted by: Arian Eigen Heald
Data Breaches, Database security, DataManagement, Identity theft, Security, Tearing My Hair Out

For saying the blindingly obvious: "Companies and schools should find new ways to authenticate the identities of customers, employees and students that do not involve social security numbers, a U.S. consumer protection agency said on Wednesday as part of recommendations to fight identity...


October 2, 2008  7:39 PM

Security is a State of Mind



Posted by: Arian Eigen Heald
Compliance, Security, Tearing My Hair Out

An interesting new study commissioned by Cisco has just been released.CISCO Study The study focused on the behavior of people in...


June 26, 2008  1:10 AM

Hack My Coffee – Please



Posted by: Arian Eigen Heald
Hardware & InfoSec, Security, Start Laughing Now, Stupid Technology, Tearing My Hair Out

From Craig Wright comes this riveting post: I have a Jura F90 Coffee maker with the Jura Internet Connection Kit. The idea is to: "Enable the Jura Impressa F90 to communicate with the Internet, via a...


June 23, 2008  6:17 PM

One More Acronym and I am Going to Scream



Posted by: Arian Eigen Heald
cloud computing, Cloud Security, data security, Security, Start Laughing Now, TCM (Truly Clueless Management), Tearing My Hair Out

I know I'm an IT Auditor, and we should eat acronyms for breakfast, but it seems as if the focus on "achieving compliance" has brought out the worst in us. "We're Compliant!" has become the holy grail of corporate management, and IT has jumped on the bandwagon because they can get funding for...


June 17, 2008  1:00 PM

Losing My Identity At the Drugstore Instant Photo Machine



Posted by: Arian Eigen Heald
Data Breaches, Identity theft, Security, Stupid Technology, Tearing My Hair Out

A few days ago I went with my partner to the local drugstore (all the big chains have these machines) to print out a jpeg to send with a card for Father's Day. The picture was on a thumb drive for easy transport, and I was along to provide technical support (I try to at least appear...


April 22, 2008  6:09 PM

Using Your IDS as a Boat Anchor



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, Data Breaches, IT audit, Security, TCM (Truly Clueless Management), Tearing My Hair Out, Tools for Auditing and Security

Setting up your Intrusion Detection System to send you email alerts designed by the consultants who put it in and thinking you are secure is the equivalent of wrapping a chain around the server and tossing it in when you go fishing. It will do just as much, if not more good in the lake as it will...


April 14, 2008  8:48 PM

Yes, We Have No Bananas



Posted by: Arian Eigen Heald
Compliance, DataManagement, IT audit, Security, Security Metrics, Tearing My Hair Out

I've been reading a fascinating book by Andrew Jaquith, Security Metrics - Replacing Fear, Uncertainty and Doubt. This book takes...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: