SecurityRatty: tag: ensure

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links

...ensure that everything that should be done to protect sensitive data is being doneand that the companys key assets are protected appropriately 1) Staff and line-of-business managers must have a voice in the design and implementation information security programs, since these managers are ultimately responsible for protecting and enhancing the...

Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security

Audit

2008-12-10 14:21:45 by schneier in Schneier on Security

...ensure that people don't abuse positions of trust. The cash register, for example, is basically an audit system. Cashiers have to handle the store's money. To ensure they don't skim from the till, the cash register keeps an audit trail of every transaction. The store owner can look at the register totals at the end of the day and make sure...

Tags: audit, strong audit features, audit features, audit mechanisms, information, personal information, audit helps ensure, audit record, ensure

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle

...ensure that mitigations are present. It would appear that these examples show that the development teams didnt adopt such a systematic approach, or failed to think about mitigations of each possible attack if they did Ballot secrecy is an example where security and privacy concerns intersect. Many people confuse security and privacy, and both...

Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system

House committee issues report and finds fault with TSA web site

2008-01-15 09:35:53 by Evan Francen in The Breach Blog

...ensure the security of personal information it collects Answer : TSA takes a number of steps to ensure the security of personal information it collects about individuals. TSAs Office of Privacy Policy & Compliance collaborates with the Chief Information Security Office (CISO) to work with program offices during the design and implementation...

Tags: tsa, website, website contract, traveler redress website, tsa moved quickly, security breach, information security breach, security vulnerabilities, multiple security vulnerabilities

J.C. Penney customers affected by lost GE Money backup tape

2008-01-18 10:24:59 by Evan Francen in The Breach Blog

...ensure that the data is protected throughout its lifecycle. J.C. Penney needs to ensure that their partners and vendors adequately secure information The Penney name didn't appear on the envelope Rich received, and she thought it was a credit solicitation when she saw the GE Money return address I think the average consumer has thrown away...

Tags: penney, penney customers, tape, backup tape, money, sensitive personal information, personal information, penney card immediately, information security practices

Laptop missing from Russells Hall Hospital (UK)

2008-02-15 14:08:13 by Evan Francen in The Breach Blog

...ensure the safety of our staff, patients and visitors, but it is very difficult to mitigate against all deliberate acts of theft To help alleviate any concerns and answer any questions that might arise, staff in the clinic have been talking to the patients about the theft and giving them an explanatory letter which gives them information...

Tags: information, personal information, medical information, data, data protection, information security, data encryption software, russells hall hospital, hospital

Web Site: Security and Trust

2007-01-18 07:10:00 by RaviC in Musings on Information Security

...ensure that it has the name of the organization that this web site belongs to and that you choose to trust 4. Inspect the Issued by: field; ensure that it has the name of the Certificate Authority that you choose to trust. Certificate Authority is a trusted third party that issued the certificate to this organization 5. Inspect the Valid...

Tags: web site, https, https web site, trust, offer trust, web site belongs, https url, https offers security, ensure

Unauthorized access to the Stryker Corporation VPN

2008-04-17 12:45:57 by Evan Francen in The Breach Blog

...ensure that access to Stryker's network will be disabled immediately upon an employee's termination Developing a procedure to review service accounts and change passwords Eliminating potential gaps in Stryker's current internal audit system Requiring two-factor authentication for all remote network access Disabling one of Stryker's existing...

Tags: stryker, stryker corporation, stryker suspects, stryker immediately, immediately, stryker intends, stryker servers, servers, evan user

Walter Reed Army Medical Center breach through P2P

2008-06-03 09:14:34 by Evan Francen in The Breach Blog

...ensure that personal information is protected and prevent any future compromise of patient records Evan] Obviously easier said than done Walter Reed plans to offer free credit protective services to patients whose information was revealed The hospital also has set up a hot line for people to call to see if their information was disclosed...

Tags: information, personal information, walter reed, sensitive information, wramc personnel, wramc, network access control, network access, team wramc

AT&T management information on stolen laptop

2008-06-08 18:28:48 by Evan Francen in The Breach Blog

...ensure that any sensitive material is encrypted Evan] Really? It is "up to the employee" to ensure that sensitive material is encrypted? Most of the users I work with wouldn't know the first thing about how to encrypt information. This is why we usually implement policies, standards and procedures to encrypt the entire contents of hard drives...

Tags: information, employee, att employee, personal information, laptop, att, store confidential information, actual att correspondence, information security

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo