SEARCH RESULTS
 
Showing 1-10 of 24 records
 
KimsCrafts e-commerce breach affects 4,500

2007-12-14 16:08:39 by Evan Francen in The Breach Blog
...retain, but I assume that they are a "Level 4 merchant" according to VISA. As a Level 4 merchant, KimsCrafts is required to complete an annual PCI Self-Assessment Questionnaire and quarterly network scans (by an "Approved Scanning Vendor"). I wonder if KimsCrafts was complying prior to this breach report. If they were, then this leads to...
 
 
 
 
 
Protect your data: everything else is just plumbing

2007-07-02 20:46:32 by Steve Riley in Steve Riley on Security
...retain it. Other sensitive data you do need to retain in some database as part of your business. The best way to keep this data secure is to encrypt it in the database. Microsoft SQL Server 2005 includes some great features to help you here: field-level encryption of data in storage, encryption of data in transit, and enterprise-level key...
 
 
 
 
 
NERC CIP Rules Out - Logs In!

2008-01-24 13:06:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...retain all logs specified in Requirement R6 for ninety calendar days R6.5. The Responsible Entity shall review logs of system events related to cyber security and maintain records documenting review of logs So, again: have logs, retain them ("Top 11 Reasons to Collect and Preserve Computer Logs") and review them ("Top 11 Reasons to Look...
 
 
 
 
 
Do you trust the merchants to protect your credit cards?

2007-12-11 09:01:26 by Khalid Kark in Security & Risk Management
 
...retain a non-sensitive (and useless to identity thieves) transaction/approval numbers, rather than very sensitive cc numbers and identifying info. This would significantly reduce the risk of the security breaches, which is the ultimate goal of PCI The opponents of this proposal state that it will be a logistical nightmare and cost millions of...
 
 
 
 
 
The new e-discovery rules - what they mean for your company

2006-11-30 06:26:27 by Administrator in Email security & compliance blog
 
...retain all records and will not be sanctioned if a document is deleted in good faith: Absent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system. This means...
 
 
 
 
 
Google Changes Privacy Policy

2007-03-15 08:31:00 by Eric Marvets in The Security Samurai
 
...retain them. They also said they would look at improving users' privacy across the board, including services like Google Chat and Google Desktop This announcement was a change in corporate policy, rather than a detailed technical plan. We can probably expect the specifics in the near future. Their current stated intention is to change parts...
 
 
 
 
 
Visa Services Northwest caught throwing info in dumpster

2008-01-28 16:23:02 by Evan Francen in The Breach Blog
...retain. Anything short of that is a violation of state law Evan] Good work by the attorney general too Ding said his company has changed its policy to comply We moved from shredding only sensitive information to shredding everything," he said Ding also sent an apology letter and the Attorney General's Office now considers the matter...
 
 
 
 
 
New Privacy Policy Wrinkles: Online Behavioral Advertising; and Potential new EU Data Protection Policy

2008-01-31 11:24:31 by Geoffrey Turner in Security & Risk Management
 
...retaining consumer data, the FTC staff proposes Any company that collects or stores consumer data for behavioral advertising should provide reasonable security for that data and should retain data only as long as is necessary to fulfill a legitimate business or law enforcement need To address the concern that companies may not keep their...
 
 
 
 
 
Cold Boot Attacks Against Disk Encryption

2008-02-21 13:29:18 by schneier in Schneier on Security
 
...retain their contents for much longer. At these temperatures (around -50 C) you can remove the chips from the computer and let them sit on the table for ten minutes or more, without appreciable loss of data. Cool the chips in liquid nitrogen (-196 C) and they hold their state for hours at least, without any power. Just put the chips back into...
 
 
 
 
 
Cold Boot Attacks on Windows Vista BitLocker Encryption Keys

2008-02-22 17:00:07 by Editor in Digg / Security
 
Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their conten