SecurityRatty: tag: policy

Some Comments on PayPal's Security Vulnerability Disclosure Policy

2007-11-27 18:07:00 by Security Retentive in Security Retentive

...policy in the last few days I was personally involved in crafting the policy and while I can't make commitments or speak officially for PayPal I thought I'd take a few minutes to explain our thinking on a few of the items in the policy First, a few points. PayPal didn't have a great system for reporting security issues until this new policy...

New Paper "Five basic mistakes of security policy"

2008-02-29 09:14:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...policy." The actual mistakes are Not having a policy Not updating the security policy Not tracking compliance with the security policy Having a "tech only" policy Having a policy that is large and unwieldy Indeed, the stuff is pretty basic, but that is exactly the intention About me: http://www.chuvakin.org

Tags: policy, security policy, basic mistakes, pretty basic, actual mistakes, paper, compliance, org, tech

New Privacy Policy Wrinkles: Online Behavioral Advertising; and Potential new EU Data Protection Policy

2008-01-31 11:24:31 by Geoffrey Turner in Security & Risk Management

...Policy and Consumer Rights. Both the FTC and the Senate were addressing not only anti-trust risks for competition but also the implications for consumer privacy of a merger of the leading Web search engine and leading behavioral advertising provider The discussion led the FTC to suggest last month that Web advertisers using behavioral...

Tags: consumer, consumer protection, privacy policy, consumer choice, consumer data, constitutes sensitive data, sensitive data, protection, ftc staff

Creating a System i database security policy: First steps

2008-05-19 14:25:51 by Rich Loeber in WhatIs: Enterprise IT tips and expert advice

...policy. If you don't have a policy in place, Rich Loeber explains the first steps for creating your AS/400 security policy. Getting end-user input is key to smooth security policy implementation. The next step to ensuring that your security policy really protects your company's important data is identifying the security classification of your...

Tags: security policy, policy, as400 security policy, security, security classification, rich loeber explains, data, data assets, steps

Cisco Acquires Securent - moving policy decisions to the network layer

2007-11-01 09:12:16 by Andras Cser in Security & Risk Management

...policy engine of their SONA architecture. Policy Enforcement Points (PEP) are currently implemented at the application endpoint. With this acquisition, in the future customers can implement hybrid PEPs distributed between the network and the application, thus starting to move non-business policy logic into the infrastructure layer. The...

Tags: iam, iam vendors, network, entitlement management product, iam market, product, entitlement management, network operations, operations

Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management

2008-04-09 13:00:00 by Editor in Computerworld Security News

...policy. The next step is to manage your mobility policy successfully by putting effective controls in place with mobile device management In this web cast you'll learn how to create an effective mobility policy for your company. You'll also learn about a flexible, cost-effective solution that can help you control your company's mobile assets,...

Tags: mobility, mobility policy, effective mobility policy, mobile device, mobile device proliferation, mobile device management, data access requirements, data, gain control

Insurance claims and policy information in the dumpster

2008-06-18 12:41:02 by Evan Francen in The Breach Blog

...policy paperwork including "names, social security numbers and policy numbers Breach Description Files containing sensitive confidential information were discovered in a dumpster in Richardson, Texas. The files are believed to have been thrown out by the owner of a company called Texas Insurance Claims Services Reference URL WFAA Channel 8...

Tags: information, dumpster, sensitive confidential information, personnel information, confidential customer information, dumpster dive, files, confidential information, people

SOA policy management

2008-07-14 12:44:28 by Brein E. Nally in WhatIs: Enterprise IT tips and expert advice

Anne Thomas Manes explains a SOA policy management and how a policy framework provides a foundation for supporting a policy-driven infrastructure

Tags: soa policy management, policy framework, infrastructure, foundation

Google Changes Privacy Policy

2007-03-15 08:31:00 by Eric Marvets in The Security Samurai

...policy that would anonymize the data after an 18 to 24 months period unless they are legally required to retain them. They also said they would look at improving users privacy across the board, including services like Google Chat and Google Desktop This announcement was a change in corporate policy, rather than a detailed technical plan. We...

Tags: privacy, google, privacy concerns, policy, google chat, financial data, data, google desktop, users privacy

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo