SEARCH RESULTS
 
Showing 1-10 of 163 records
 
Expand article

Stolen General Internal Medicine laptop exposes nearly 12,000

The Article has images
2008-05-05 12:17:36 by Evan Francen in The Breach Blog
...Internal Medicine of Lancaster (PA Contractor/Consultant/Branch None Victims Patients who visited the office of General Internal Medicine of Lancaster, 2301 Columbia Ave., from 2005 through 2007 Number Affected nearly 12,000 Types of Data Names, addresses, telephone and Social Security numbers Breach Description EAST HEMPFIELD TOWNSHIP,...
 
Tags: internal medicine, office, doctors office, information, personal information, office staff, basic patient information, east hempfield township, physicians alliance office
 
 
 
 
Expand article

Insecure folder on NSK Americas' internal network

The Article has images
2008-02-11 11:11:51 by Evan Francen in The Breach Blog
...internal network Reference URL The New Hampshire State Attorney General breach notification Report Credit The New Hampshire State Attorney General Response From the online source cited above NSK Americas, Inc. recently became aware that a computer folder containing employee data on our internal corporate server was not properly secured ...
 
Tags: nsk americas, nsk, nsk employees, non-nsk employees, sensitive personal information, personal information, breach description, breach, secure personal information
 
 
 
 
Expand article

An internal breach at the University of Toledo exposes 6,500

The Article has images
2008-04-13 21:14:52 by Evan Francen in The Breach Blog
...internal server, but they are typically kept in folders where only employees of that department have access, Mr. Hogle said There were about 6500 employees w-2 forms primarily from 1993 and 1999," says UT spokesperson Jon Strunk The personal information, including social security numbers, were made available to all university employees....
 
Tags: university, university officials doubt, information, information security professionals, university employees, personal information, toledo, employees, expose information
 
 
 
 
Expand article

Internal auditors are rarely audited, survey finds

2007-07-11 08:00:00 by Editor in IT Compliance
 
Few are following the quality guidelines of the Institute of Internal Auditors
 
Tags: internal auditors, quality guidelines, institute
 
 
 
 
Expand article

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...internal auditor and certified information systems auditor Dan Swanson answers the question of who is responsible for information security By Dan Swanson A Reader Asks: Who is responsible for information security The Auditor Responds: In short, the board of directors, management (of both staff and business lines), and internal audit functions...
 
Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security
 
 
 
 
Expand article

10 things you should be doing to protect your company against email risks

2007-11-02 23:30:15 by Administrator in Email security & compliance blog
 
...internal mails this is to protect users from an unsafe work environment. For external mails this is to protect the reputation of your company and to avoid libel lawsuits. You must also check attachments and use word filtering to avoid confidential data leaving the company. For instance you can block external emails containing Social Security...
 
Tags: policy, email policy violations, email-policy, email policy rules, rules, email policy, risks, email risks, email
 
 
 
 
Expand article

Former LendingTree employees sold access to customer information

The Article has images
2008-04-23 13:08:37 by Evan Francen in The Breach Blog
...internal security uncovered this situation. We began an internal investigation and reported it to the authorities. We continue to assist the authorities and are telling our customers as soon as it was possible to do so Credit card information (such as account number or account balance) was not involved Evan] No need, with information such as...
 
Tags: information, lendingtree, necessarily fault lendingtree, fault lendingtree, employment information, credit card information, lendingtree faqs, information security personnel, security
 
 
 
 
Expand article

Is there a "silver bullet" to IT Compliance Management?

The Article has images
2007-12-06 13:12:00 by Ryan Shopp in practical risk management
...Internal ControlIntegrated Framework"), or any other generally accepted control framework could be used. Note: it did not say COSO was the only one But COSO can pose a problem...COSO doesnt set out details. As its name implies, it is a framework Each organization must still go through the difficult process of setting out its own system of...
 
Tags: compliance, compliance management, silver bullet, compliance institute, standards, numerous standards organizations, compliance close, controls, compliance requirements
 
 
 
 
Expand article

Notes from IEEE Web 2.0 Security and Privacy Workshop (W2SP2008)

2008-05-27 22:45:00 by Security Retentive in Security Retentive
 
...internal implementation of most browsers is pretty dicey from a security perspective. There is no clean separation between policy and mechanism. All code operates at the same privilege level. Plugins cannot be constrained in what they can do, etc I haven't seen any analysis yet comparing what MS did with IE7 on Vista in protected mode as...
 
Tags: browser, browser security models, browser project, browser security model, security models, browser security, security, web, security challenges
 
 
 
 
Expand article

Directly connect to your corpnet with IPsec and IPv6

2008-06-25 20:55:59 by Steve Riley in Steve Riley on Security