SecurityRatty: tag: procedural

Elliot Health System reports a breach involving health information

2008-04-16 11:00:28 by Evan Francen in The Breach Blog

...procedural dates of service at EHS, name of your insurance company and your date of birth Breach Description A business associate of The Elliot Health System (EHS), Advanced Medical Partners, Inc. (AMPI), has recently informed us that on the evening of February 22, 2008, a thief/thieves broke into corporate headquarters, and stole ten...

Tags: information, breach, elliot health system, elliot, health information, contractor information security, ehs andor ampi, ehs, information security program

Data Retention and Privacy in Electronic Communications

2008-10-08 04:42:06 by Editor in IEEE Security and Privacy

The retention of communication data by network providers, often mandated by legislation, raises social and technical security concerns. A generic model combining technical, procedural, and legal controls can help secure retained data and minimize privacy threats against users

Tags: data, technical, technical security concerns, communication data, legal controls, privacy threats, network providers, raises social, retention

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links

...procedural, and oversight controls, all of which should be reviewed or tested to ensure they are (a) adequate, as defined to mitigate information security risks, and (b) reasonably effective in practice Finally, executive management must provide leadership to ensure that information security efforts are supported and understood across the...

Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security

Stolen laptops affect 337,000 Davidson County voters

2007-12-29 11:30:26 by Evan Francen in The Breach Blog

...procedural, administrative, or technical controls Why are the offices not physically secure? If a rock is all that is needed to break-in and go undetected for x number of days, then the offices were not physically secure Why is confidential information stored on mobile devices (laptop in this instance)? Confidential information should be...

Tags: voters, davidson county voters, davidson county, tennessee voters, information technology department, information, voters monitor, sensitive personal information, confidential information

House committee issues report and finds fault with TSA web site

2008-01-15 09:35:53 by Evan Francen in The Breach Blog

...procedural and information security safeguards as mandated by FISMA following National Institute of Standards and Technology (NIST) guidance Am I missing something Past Breaches October, 2007 - Stolen laptops contained sensitive TSA information

Tags: tsa, website, website contract, traveler redress website, tsa moved quickly, security breach, information security breach, security vulnerabilities, multiple security vulnerabilities

Biometrics would not have prevented SocGen incident

2008-03-07 19:25:37 by Stuart King in Stuart King's Security and Risk Management Blog

...procedural controls listed such as "no confirmation for internal transactions." This is also a view shared by Kenneth Paterson of the Royal Holloway in this very insightful article published as part of the latest Computer Weekly Think-Tank on insider threats. Read the full report here

Tags: controls, procedural controls, report, report identifies, audit controls, biometrics, security tosh, strong identification solutions, computer weekly think-tank

Risk ROI for Some Provisioning Solutions

2008-04-19 02:22:29 by Erik T. Heidt in Art of Information Security

...procedural controls Based on my experiences, having prepared several product selection scorecards in this space, there are two major approaches (philosophies), that provisioning products take in this space The provisioning system sees itself as Coordinating identity and entitlement activities among systems with the objective of providing...

Tags: information security, information, entitlement, entitlement lifecycle, solutions, systems, risk roi, information security podcast, identity

Société Générale plans to close loopholes by year end

2008-05-23 00:00:00 by HASH0x8b3dbdc in Network World on Security

French bank Société Générale expects to have remedies in place by year end for the technical and procedural flaws that allowed rogue trader Jérôme Kerviel to build a fraudulent trading position that cost the bank 4.9 billion (US$7.25 billion

Tags: procedural flaws, billion, cost, fraudulent, position, technical, us7, bank, remedies

ICANN's Announcement Of Anti-Domain Tasting Measures To Registrars

2008-07-08 15:42:32 by Editor in Cheap Hack

...procedural history of this proceeding. Whereas, the Board is also considering the Proposed FY 09 Operating Plan and Budget , which includes (at the encouragement of the GNSO Council) a proposal similar to the GNSO policy recommendation to expand the applicability of the ICANN transaction fee in order to limit domain tasting. Resolved...

Tags: icann, directly, fees directly, fees, registrar fees effective, effective, registrar-level fees, fee, per-transaction fee

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo