In the IT industry, we tend to get so wrapped up in high-tech, high-concept notions about data and network security. We go through periods of rapture about the latest software fixes that are guaranteed to finally lock down our networks and prevent incursions from malicious intruders.
Continue reading "Looking to Boost Data Security? Check the Lost & Found Pile" »
Last summer, Redemtech commissioned a study with the Ponemon Institute to explore the root causes behind data breaches that are providing so many companies with so much bad press. We initially suspected that the trouble begins when assets are disconnected from the network to move or retire equipment. The study was conducted with 735 security professionals from mid-size to large organizations, in both government and the private sector.
Continue reading "Off-Network Security Risk No Longer Off the Radar" »
It didn’t receive a lot of play in the global news media, but some new research conducted by the University of Glamorgan in the UK, Longwood University in the U.S. and Edith Cowan University in Australia, found that hard drives sold on online auctions often contain significant traces of personal information.
Continue reading "Look What I Found on Your Discarded Hard Drive! " »
Friends of mine lost nearly half of everything they own when their home was inundated by flood waters in the widespread Midwest deluge this summer. As they struggled to rescue what they could in the fast-rising waters, they left their computer behind. They had a surprise when they tried to salvage the PC, which had been submerged for days. They were able to retrieve presumably lost data from the hard drive.
Consumer confidence should be an increasing concern for businesses that are keepers of precious personal information. Information such as Social Security numbers, addresses, driver’s license numbers, or even credit card spending habits can give criminals the information they need to kill your credit score.
Continue reading "Identity Theft – A Killer of Reputations" »
We are hearing more and more about identity theft and data loss from computers and other data-bearing equipment. I could quote news stories about these incidents, but Redemtech already shares this information through its other communications outlets (see News & Views), so I won’t waste time here with repeating familiar news.
Continue reading "Identity Theft and Things We Could Learn" »
My level of disgust for the U.S. Department of Defense is at a new high. Being in the data security business where “DoD compliant” is good currency, I recoil at the mention of the DoD standard for anything. One thing I know - their standards are low.
Continue reading "The DoD Standard: Certifiable Zero Accountability" »
My company, Ponemon Institute, has been researching the issue of data breaches: the cost, the business impact, organizations’ response and what seem to be the most prevalent causes. Our latest research project was conducted to find out about loss or theft of data when off-network electronic devices are the target.
Continue reading "Study Finds Off-Network Security Off-Track" »
It’s easy to steal data—just walk away with it. Despite billions spent on IT security, the Ponemon Institute’s National Survey on the Insecurity of Off-Network Security has found that many corporations are failing to address the root cause of more than half of all data breaches: the loss or theft of data-bearing assets. The good news is that remediation of off-network security gaps, though not easy, can be straightforward.
DATELINE: Dallas Atoll, Aug. 21, 2027 – Security analysts today reported yet another case of stolen data from the identity chips implanted in more than 10 million U.S. citizens. Instead of the more common drive-by mega-hacking that has become common in larger U.S. cities such as New Surfside City, Nev. and the nation’s capital, Indianapolis Island, today’s theft occurred when an employee of MicroGooglezon inadvertently left his nanorobotic armtop computer behind at a McStarDonbuck’s restaurant.
Surfing the cable channels late one evening when I was unable to sleep, I came across an old movie I used to appreciate. War Games is a terribly technologically outdated film about a teenage computer whiz who mistakenly hacks into a military computer charged with monitoring the global nuclear landscape. Watching the movie 24 years after it was made, I was amused by a pre-Producers Matthew Broderick literally spending days trying to figure out a password to gain entry to what he thought was a computer game company.
While I routinely track and report offline data thefts and other security breaches as part of my job (see news bureau), I have to admit that the recent disappearance of a backup computer storage device with the names of more than 64,000 Ohio state employees, as well as names and Social Security numbers of about 75,500 dependents, caught me by surprise.
Continue reading "Ohio's Data Breach Response Represents Trend Toward Responsibility" »
It’s good news that concern for data privacy has become a public priority for so many companies. Trouble is, if policy is crafted at the executive level and passed down to management for execution without a mandate for inspection and measurement of outcomes, a charade often results.
