SEARCH RESULTS
 
Showing 1-10 of 21 records
 
Segregation of data protection duties

2007-12-17 10:12:06 by Jen Albornoz Mulligan in Security & Risk Management
 
...duties should be separated, and why it is important to have a chief privacy officer. There are already many other people on the opposite side of the issue, like the heads of business or marketing officers. Even still, it may not be a fair competition, but at least someone will be standing up for the consumer trying to prevent privacy violations
 
 
 
 
 
SQL Injection and separation of duties

2008-06-22 14:42:49 by Slavik in Musings on Database Security
 
Adrian Lane writes in his blog entry about separation of duties on the application level. While I agree with his sentiments I also know how hard it is to do so from the application development side. In most applications, database connections are using connection pooling. Creating such a separation makes the development process a
 
 
 
 
 
The key to data security: Separation of duties

2008-08-27 13:00:00 by Editor in Computerworld Security News
 
Separation of duties is a key control in finance, and it should be required in information security, too. It requires that no one person is able to compromise information
 
 
 
 
 
Lasell College IT employee suspected in breach

2008-03-21 11:44:01 by Evan Francen in The Breach Blog
...duties? This is a real challenge. Lasell College deserves credit for detecting the unusual activity. This is one (of many) reasons why information security is NOT an IT function University officials said they first discovered the suspicious activity on Feb. 6 and promptly began an investigation. They said they notified local law enforcement...
 
 
 
 
 
The top six corporate email risks

2007-10-27 19:27:40 by Administrator in Email security & compliance blog
 
...duties on financial institutions. Steep penalties can apply to those organizations that do not comply with their industry's regulations. In a case lasting from 2000 until 2005, a well-known financial institution was recently forced to pay 20 million dollars in penalties by the Securities and Exchange Commission for not diligently searching for...
 
 
 
 
 
Why is there a need for a download adware spyware removal?

2007-08-01 19:27:00 by jack in adware and spyware
 
...duties Having said that, it is now time to turn your attention to one of the enemies of the cyber industry these days and that is spyware. Spyware came into advent as a result of the booming internet slash computer industry. For of course there will always be those people who will take advantage of something positive and ride on it in a...
 
 
 
 
 
Fraud on the Target Visa call center

2008-02-08 15:32:45 by Evan Francen in The Breach Blog
...duties Evan] I would think that there is a pretty easy way to limit the amount of information that call center employees have to account information. Maybe it would still work if portions of sensitive information were masked Based on Target's investigation into the incident, we have determined that three employees of the call center accessed...
 
 
 
 
 
Employee fraud at Tenet Healthcare affects 37,000

2008-02-18 10:26:45 by Evan Francen in The Breach Blog
...duties, job rotation, cross-training, etc.). Access to Social Security numbers should require an additional level of clearance and this clearance should be closely scrutinized. The normal "run of the mill" billing work does not require Social Security number access I'm more concerned with what could happen than what has happened," Ashley...
 
 
 
 
 
Oklahoma County Social Security numbers online

2008-03-13 09:46:09 by Evan Francen in The Breach Blog
...duties of county clerks can be challenging from both a confidentiality and an integrity standpoint. I have seen instances where court decisions were made based on publicly available court documents that were inaccurate. Then there are cases where court documents should be public in whole, but contain sensitive confidential information in the...
 
 
 
 
 
IT GRC is the next evolution for the Enterprise Security Organization

2008-03-17 15:35:00 by Ryan Shopp in practical risk management
 
Great write-up and perspectives from the GRC guru, Michael Rasmussen; What is IT GRC snip Interestingly enough, I was at an event last week of a dozen senior IT executives and we discussed this concept of IT-GRC. These were all Fortune 500 firms. Going around the room each was spending on average 5-6% of their IT budget this year on IT-GRC. A...