Tag Archives: security

Teaching Security to the Ungeeky: Convince Them It Matters

Posted on 2012-04-11

Think security’s too technical to teach to everybody? Think again. That misperception leads to a plague of problems, from USB-introduced viruses, to spending a fortune on fixing products after they’ve shipped. In this, the first in a series on teaching security to the nontechnical, I start with converting the security heathens. Read it […]

The Eminently Ignorable Document Retention Policy

Posted 03-02-12

Most businesses (93%!!!) have retention policies that dictate when and how to burn shit up. (Burn/delete/pulverize/whatever-ize.) Most businesses TOTALLY IGNORE THOSE POLICIES!! We made a nifty infographic to show how blasé we are about these matters. Check out the infographic on HPIO, then read the HPIO story about how to actually, you know, […]

Secure Paper Storage: Managing Business Documents

Posted 03-02-12

They spill out of milk cartons in unlocked storage rooms! They molder in storage facilities secured only by Yale locks! They get horizontally stripped into packing material that helpfully displays your customers’ names, SSNs, and dates of birth! It’s 2:34 a.m. Do you know where your business’s paper documents are?! Here we have horror […]

In God We Trust, but Security Vendors Need to Sign the Papers

If Anonymous, LulzSec et al. can pwn security vendors, who can protect us? Here’s help on how to rate security vendors on the sitting-duck scale. In this two-part look at how to vet security vendors, my first article—In God We Trust, but Security Vendors Need to Sign the Papers—focuses on assessing a vendor. This is done […]

Is Klout stalking your kids?

One parent finds that, thanks to a lack of reliance on opt-in for Klout and Facebook’s Byzantine new platform rules, her son has been accorded a Klout profile without intent or desire. It could easily happen to your kids, too. Read the story on NakedSecurity.

Thanks for Sharing

Well of course we’re sharing too much on social media. The cat’s out of the bag, and it’s being served with a nice cat demi-glace. Herein, some suggestions from the infosec crowd on how to keep your and/or your organization’s little privacy kittens from being sadly easy to find and to use as phishing bait. Read the […]

Crowd-sourcing mischief on Google Maps leads customers astray

As if we weren’t already a drifting, confused mob of smartphone-jabbing zombies, Google has presented a new way to baffle business customers. Read the story on Naked Security.

WikiLeaks Exposes Thousands of Sources In Written-Password SNAFU

The cone of silence over WikiLeaks’ thousands of sources—many of whose lives are at risk if identified—has been shattered, all thanks to the most mundane, all-too-human security screwup imaginable. To wit: WikiLeaks founder Julian Assange wrote down the password on a piece of paper. Let us hope that this carelessness, this breathtaking lapse in security […]

Safest Career Choices for Developers (If You Don’t Want Your Job To Go Away)

Mobile development’s the way to move. Nor will you starve if you’re picking up Java or Objective-C. Check out the full story on the new Software Quality Connection site—is lovely, ya? Ya!

DirectAccess and the VPN Dragon

Windows 7’s DirectAccess is a win for users: convenient network access, no virtual private network needed. But it’s a stickier prospect vis-a-vis security and administration. For this IT Expert Voice article, I got input from LOPSA, an early Windows 7 user and Sophos’ Chester Wisniewski. Check out the full article here.
