SEARCH RESULTS
 
Showing 1-10 of 128 records
 
Expand article

The Phorm Webwise System

2008-04-04 16:53:06 by Richard Clayton in Light Blue Touchpaper
 
...assume that targeting their advertisements will be welcomed If I spend my time checking out the details of a surprise visit to Spain, I dont want the person Im taking with me to glance at my laptop screen and see that its covered with travel adverts, mix up cause and effect, and think even just for a moment that it wasnt my idea first Phorm...
 
Tags: phorm, system, phorm assumes, phorm argue, phorm system, extensive technical details, technical details, system anonymises, details
 
 
 
 
Expand article

Citizens Advice stolen laptop was encrypted

The Article has images
2007-12-13 13:37:02 by Evan Francen in The Breach Blog
...assume it is a commercial solution such as Utimaco or Pointsec. Kudos to Citizens Advice for their proactive decision to encrypt sensitive data on a laptop Good commercial versions of "whole disk" laptop encryption software will protect against slaving the hard drive to another computer (thus bypassing password protection) and provide a...
 
Tags: laptop encryption, laptop encryption software, advice, encryption, encryption product, citizens advice, laptop, sought advice, personal data
 
 
 
 
Expand article

Supporting Complex Passwords

The Article has images
2007-12-04 08:56:00 by Keith Brown in Security Briefs
...assume that users will supply short, simple passwords, not randomly generated, strong passwords created by a tool. Or long pass phrases. But this is especially egregious since it encourages people to reduce the strength of the password that controls access to many different Microsoft properties I didn't have time to try to figure out exactly...
 
Tags: passwords, complex passwords, complex, passwords hit, password temporarily, temporarily, password, strong passwords, password minder
 
 
 
 
Expand article

Five-year-old wanders into bank branch after-hours

The Article has images
2008-02-06 10:24:03 by Evan Francen in The Breach Blog
...assume that the bank doors would be locked. Even if the door were unlocked, most of us would assume that alarms would go off as soon as I opened it I don't suggest that you drive from bank to bank looking for unlocked doors because this might get you in a lot of trouble Past Breaches Unknown
 
Tags: bank, customers, bank customers, bank after-hours, branch, door malfunction, bank doors, malfunction, breach description
 
 
 
 
Expand article

Desktop computer stolen from Administrative Systems, Inc.

The Article has images
2008-02-11 14:53:04 by Evan Francen in The Breach Blog
...assume that many of the victims do not even know who ASI is or how they came into the possession of their information. If I received one of the notifications from ASI, I would have more questions than answers and I would be frustrated. As customers of companies, we provide certain personal information. We trust that the companies we do...
 
Tags: protect personal information, personal information, sensitive personal information, companies, include insurance companies, financial services companies, information, information security, asi partner companies
 
 
 
 
Expand article

Stolen Salesforce.com unencrypted external storage device

The Article has images
2008-02-12 13:32:40 by Evan Francen in The Breach Blog
...assume. Sometimes what we assume is worse than reality Past Breaches Unknown
 
Tags: external storage device, storage device, sensitive personal information, personal information, device, personal information includes, information, salesforce, data
 
 
 
 
Expand article

Economics of secure software

2007-01-21 10:13:02 by RaviC in Musings on Information Security
 
...Assume if the vendor develops secure product, if the vendor has to spend twice as much to develop the secure product (that's probably the worst case impact on the cost structure and let's assume that the vendor passes all the cost to the customers by doubling the price TCO (secure)= 2*Price + x * (Y*Price) ---> Equation 2 Where is "x" is the...
 
Tags: software, secure, secure product, product, software vendor, software vendors, vendor, price, initial purchase price
 
 
 
 
Expand article

BNY Mellon Shareowner Services loses backup tape

The Article has images
2008-03-27 15:52:10 by Evan Francen in The Breach Blog
...assume that it was not. Continuing with this assumption, this means that BNY Mellon Shareowner Services sends unencrypted customer database back-up tapes offsite every day. Does anyone else see an unnecessary risk here? Unnecessary and likely unacceptable Now let's assume that the information was encrypted and the keys are managed well. Risk...
 
Tags: tapes, tapes held, bank, possibly bank account, computer data tapes, information, personal information, data, assists clients
 
 
 
 
Expand article

This ain't no bloggin' booth babe!

The Article has images
2008-04-03 05:31:59 by HASH0x8b4cb5c in StillSecure, After All These Years
...assume that she is not somehow as sharp or as relevant? Two years ago I asked why the security industry had not outgrown booth babes. Today I ask why security bloggers are no better. Why do we assume because a woman who is blond and not frumpy looking must be some sort of booth babe blogger? I say bull crap to that. Maybe if Jennifer had not...
 
Tags: jennifer jabbusch, jennifer, booth babes, security bloggers network, outgrown booth babes, security bloggers, people, people assume, assume
 
 
 
 
Expand article

Siemens Healthcare Diagnostics employees at risk from stolen laptop

2008-04-16 15:47:48 by Evan Francen in The Breach Blog
 
...assume that the stolen laptop was not encrypted. If the laptop were encrypted then I would also assume that Siemens would have mentioned it. The State of New Hampshire does not have an encryption exemption for breach notification, so Siemens would have been required to report it either way This breach notification does not provide much...
 
Tags: company, company laptop computer, current data privacy, data, siemens, breach description, breach, siemens healthcare diagnostics, security breach