Are state and federal breach notification mandates unreasonable?

Business Continuity, Compliance, Cybercrime, Government, Identity Theft, Intrusion Detection, Privacy, Risk Management, Security, data theft

Organizations unable or unwilling to provide the controls necessary to react immediately to protect customer, employee, or patient information should reconsider keeping it in the first place.




What were they thinking? Security design without the user in mind

Compliance, Government, Policy, Privacy, Security, Security Solutions

What responsibility do security vendors and government agencies have to deliver or mandate secure products and services? I found myself asking this question repeatedly last week, as two incidents occurred which prompted a ‘what were they thinking’ response.




Controlling high-risk software: Going after the vendors is not the answer

Compliance, Computer Forensics, Cybercrime, Government, Identity Theft, Intrusion Detection, Malware, Privacy, Risk Management, Security, Security Awareness Training, data theft

Well, now that CyberSpy Software doesn’t promote RemoteSpy (a remote keylogger) as super-secret software and doesn’t provide directions on how to use it as such, all is well in the legal realm. What a bunch of nonsense.




Hamachi is good news for SOHOs, but not so good for the enterprise

Compliance, Identity Theft, Privacy, Risk Management, Security

In this post, we’ll walk through how Hamachi works, look at some additional free tools you can run over Hamachi connections, and the risk it presents to your business network. We’ll close with a few suggestions for blocking its use.




Free Web content filtering puts safer browsing within reach for everyone

Business Continuity, Compliance, Cybercrime, DNS Security, Phishing, Risk Management, Security, Social engineering, Spyware

Earlier this week, I ranted about schools and businesses not using controls to prevent students and employees from viewing unsuitable content on the Web. I thought it appropriate to discuss an easy-to-use solution that fits within everyone’s budget.



Shifting from compliance to security requires patience

Compliance, Risk Management, Security

It is not just government managers who require behavior changes when it comes to securing sensitive assets. Managers in private industry often mistakenly see compliance as security. But changing this view takes patient persistence.



Government data losses: Distributed databases are not the answer

Compliance, Cybercrime, Government, Identity Theft, Privacy, Risk Management, Security

As elected officials and non-elected government employees struggle with how to rise above bureaucratic information security ineffectiveness, they continue to plan for and establish large, centralized databases containing our information. Is spreading the data across disparate repositories the answer?



Use application firewalls to secure browser-based solutions

Business Continuity, Compliance, Cybercrime, Firewall, Hacking, Identity Theft, Internet, Intrusion Detection, Privacy, Risk Management, Security, data theft

The application firewall is not a replacement for other layers in the controls framework. It supplements them. So what is it and why do you need it? How do you make a business case for another security control?



Video Surveillance: Four ways to protect privacy and achieve business outcomes

Compliance, Computer Forensics, Government, Intrusion Detection, Policy, Privacy, Risk Management, Security, Security Solutions

Video surveillance is easy to deploy. An increasing number of employers are exploring implementation of inexpensive video systems to protect employees and the business. Before writing the check, however, there are several regulatory and employee relation safeguards to consider.



FACTA “Red Flags Rule”: Concern for security managers?

Compliance, Government, Identity Theft, Policy, Privacy, Risk Management, Security, data theft

Although most of the Red Flag requirements apply to hiring and credit processing practices as well as those related to health facility admissions, PII and ePHI protection are also included. So what does this mean to security managers? It depends

