For years the differences between US and other countries laws have been resolved by agreements which respect both sides concerns. With regard to data transmission, e.g., personnel records within an international company, Safe Harbour rules are often defined. They allow companies from other countries to...
Kidnapping always makes interesting news. Having just returned from an international business trip, the article "What Companies Should Do if an Employee Is Kidnapped" in yesterday's Wall Street Journal caught my attention. The author, Nicholas Elliott, provides a checklist for countries where kidnappings are common: Don't...
In the last 20 years PDF (portable document format) files have become a standard for data interchange. Adobe Acrobat or Reader are the common programs that are used to open these files. When they are opened, mysterious contents can include bad stuff (malware). Since 2001 PDF...
For a while we have heard of really clever hacks. Things like USB memory devices that can implant bad stuff on our computers. Here's a just-discovered scary one. Lenovo is apparently shipping their computers with a permanent back door giving them control over the machine...
Some computer security news is painful. Here's one about EMET that is good news. Microsoft has an add-on called the Enhanced Mitigation Experience Toolkit. It really does increase the difficulty for intruders to exploit Windows. I have used it since it was first announced and recommend...
Today I enjoyed the opportunity to be one of the instructors in a ASIS CPP certification program. My topic was information security in the face of today's risks. The big change in computer network defense is today's axiom, "The attackers are already inside my networks". Firewalls...
We all receive waves of unsolicited (and downright yucky) emails coming in from time to time...
There's nothing that can get your attention like an immediate death threat. Sometimes they seem random, like that aircraft crash that is moments away. Others are really personal like a guy with a gun pointed at you. Having survived these and a few others I...
You have your gold in a safe; your birth certificate is in the bank. Where is your company's online identity? What if someone steals your internet domain for a porn site? A friend of mine had invested in a very neat one-word domain that he expected to...
The sweep that we completed a while back in a medical office found a vulnerability that exposed ALL PATIENT RECORDS. We checked for the usual hidden microphones; all that was discovered was a cordless phone vulnerability. While working in the area we couldn't help but notice...