SEARCH RESULTS
 
Showing 1-10 of 47 records
 
EU drafts guidelines for RFID technologies

2008-02-21 00:00:00 by HASH0x8b5caa0 in Network World on Security
 
The European Commission has sketched out guidelines to help get RFID technologies up and running in the European Union, but stopped short of proposing formal legislation in the area
 
 
 
 
 
ATM Communication - How Secure ?

2008-03-21 12:34:00 by Random InfoSec Guy in Security Coin
...guidelines (in their ANSI X9 TG-3 standards checklist, ANSI documents X9.8 and X9.24) for how a customer's PIN should be kept secure: how they should be stored on the card (store only the difference/offset of the encrypted PIN value and the natural PIN), what the minimum encryption requirements are (Triple DES), what the specifications of the...
 
 
 
 
 
When Too Much Security Means No Security at All

2007-12-24 12:30:19 by Paul Proctor, Research VP in IT Leaders - Security and Risk Management
 
...Guidelines, Part 1 Toolkit Best Practices: Creating a Security Policy Process (Security Policy Guidelines, Part 2 Toolkit Best Practices: Creating a Security Policy Process (Security Policy Guidelines, Part 3
 
 
 
 
 
5 tips to comply with new ediscovery rules

2006-12-11 06:38:43 by Administrator in Email security & compliance blog
 
...guidelines as to what information needs to be retained and what should be purged, this will help in a court order since you can prove that your organization has taken electronic record retention seriously and that there are no irregular deletions of specific documents or emails Follow these 5 tips to show that your organization has taken...
 
 
 
 
 
Flash XSS And Remediation Steps

2008-01-03 00:48:56 by RSnake in ha.ckers.org web application security lab
 
...guidelines for secure Flash development as described in the whitepaper at http://www.adobe.com/devnet/flashplayer/articles/secure_swf_apps.html, and by using data validation libraries available at http://code.google.com/p/flash-validators Adobe is also applying these guidelines to SWF templates that are commonly deployed, which will be...
 
 
 
 
 
Surveillance Best Practices

2008-03-13 09:09:10 by Jen Albornoz Mulligan in Security & Risk Management
 
...guidelines for respecting the privacy of employees, customers, and potential passers-by when using video surveillance. Occasionally, our team here at Forrester is asked about physical security measures which can fall outside our area of expertise. Other times, such as the following best practices, the suggestions are a specific example of the...
 
 
 
 
 
XSS and PCI: Not compliant, or Hacker Safe

2008-01-18 11:43:00 by Russ McRee in HolisticInfoSec.org
 
...guidelines such as the Open Web Application Security Project guidelines. Review custom application code to identify coding vulnerabilities. Cover prevention of common coding vulnerabilities in software development processes, to include the following 6.5.1 Unvalidated input 6.5.2 Broken access control (for example, malicious use of user IDs...
 
 
 
 
 
Stolen laptop affects thousands of current and former Stanford employees

2008-06-08 23:12:08 by Evan Francen in The Breach Blog
...guidelines designed to protect confidential information, events such as this demonstrate the need for heightened vigilance in this area [Evan] Information security always requires a "heightened vigilance". It is a continuous effort Vice President for Business Affairs and Chief Financial Officer Randy Livingston will lead a task force to...
 
 
 
 
 
Castlecroft Medical Practice patient information at risk

2008-06-19 11:54:50 by Evan Francen in The Breach Blog
...guidelines, the information was not encrypted, which would have made it unreadable without a special code to unscramble it [Evan] Are medical personnel aware of and required to follow the guidelines? Are there penalties or sanctions for non-compliance The laptop was among items stolen in a recent burglary at the home of the unnamed doctor,...
 
 
 
 
 
Montgomery Ward breached, no notification obligation?

2008-06-27 23:45:03 by Evan Francen in The Breach Blog
...guidelines, issued by Visa, on how to respond to a security breach [Evan] This is sad. The Visa documentation regarding breach response is way too narrowly focused to be used as an organizational incident response. Every organization that creates, collects, uses, stores, and/or transfers confidential information should have an incident...