Great article on how now there are more security controls and tools to protect virtual enviroments….Companies take heed! Network World – As enterprises move towards virtualizing more of their servers and data center infrastructure, the security technologies that are plentiful and commonplace in the physical world become few and far between. While few direct attacks […]
Mobile Malware Hits the Droid
DroidDream Turns Into a Nightmare – Google Removes Several Malware Infected Apps from Official Android Market A new form of mobile malware targeting, once again, Android smartphone users has surfaced today. Dubbed “DroidDream,” the malware has infected multiple applications and is capable of siphoning private data and uploading to remote servers. What’s interesting, and scary, […]
Securing Cloud Computing
Here is a great article published on Security Week, which discusses how to avoid malicious attacks while doing your business in the Cloud. However, my stance is that you can never really avoid attacks in most scenarios, you can only reduce the risk of those attacks and do your best to minimize the impact to […]
HIPAA violations…Large Fines Imposed!
HIPAA privacy actions seen as warning Computerworld – Two separate enforcement actions taken this week by the U.S. Department of Health and Human Services for HIPAA privacy violations should serve as a warning to all healthcare entities, say privacy analysts. The agency announced on Thursday that it had imposed a civil monetary penalty of $4.3 million […]
Hackers Target the Mac
Just when you think Apple Macs are safer than PCs, hackers create malware specifically to compromise the Mac. See this article below from Computer World, which talks about malicious software called the BlackHole RAT. IDG News Service – In a sign that hackers, like everyone else, are taking an interest in everything Apple, researchers at […]
Government 2011 Shutdown…Should Consultants be Concerned?
Roundup: Government Shutdown Looms Added 02/23/2011 – 17:08 by govWin News Expert As March 4 draws closer, the likelihood of a government shutdown increases as Republicans remain steadfast in their commitment to deep spending cuts. Their resolve was exemplified by the House passing a continuing resolution on Saturday for $61 billion in cuts for the remainder of fiscal year […]
Classifying Data…Sensitive vs. Critical
I came across a very good article about classifying data while in storage. Many of our clients have the same issues when it comes to understanding how to classify their data and establishing policies and standards for their organization. One of the biggest issues is trying to get them to understand the difference between data […]
Virtualization on the Rise…What about Security?
More and more companies have seen the increase value of virtualization. However, there are still some who are not yet convince! I will admit the startup costs of transitioning your datacenter from physical to virtual will incur a large cost and some inherent risk. But, the long term value will definitely outweigh these initial expenditures. […]
Strict Access Controls in Place…Oh, really?!
So, many companies have a false perception t hat their data is really secured and they know where and how it is stored. They have complex role-based access controls in place for their applications and network shares; however, they forget the simple basics. Breaches occur from someone who is trusted and is suppose to have […]
Social Engineering ‘thru’ Social Media
Social engineering has been thought to be one of the oldest information security tricks known to attackers and hackers. It is attempts to get users to divulge sensitive information to unauthorized persons without touching your systems and without letting the “victim” know they have been exploited. When we conduct penetration testing, it is an important […]