
Data Will Always Be Less Safe In The Future...I Don't Want To Get Gussied Up To Talk On The Phone

I have a blog problem...there are way too many things I want to blog about and not enough hours in the day to do it! Throughout each day I note news items from the TV, or website news articles, or research, or reports, or just observations while at businesses or in public, and I only have a chance to blog about a small fraction of them. Today I think I'll just briefly mention five of the topics I've planned to blog about, along with a brief note about each, and then maybe I'll be able to revisit them sometime in the near future and discuss them at greater length.

* From August 20: Your data's less safe today than two years ago: Crooks are outpacing prevention efforts; ID theft is up 50% since 2003

No kidding! Look at how many new technologies are developed all the time. Look at how much more mobile working occurs. Look at the ever-increasing databases of personally identifiable information (PII). Look at all the new vulnerabilities that continue to emerge. Look at all the new threats that continue to emerge. Two years from now your data will be even less safe than it is today. All the more need for dedicated information security and privacy professionals, all the more need for building security in, all the more need for effective security and privacy practices, and all the more need for ongoing information security and privacy awareness and training.


* From August 22: USERS OUTWIT IT WHEN DEPLOYING CONSUMER APPS

Yes, if workers think they can run their favorite fun software on your network without getting caught, many to most will do it. If they think they can go to sites that their employer said not to without getting caught, many to most will do it. The Wall Street Journal is happy to show them how.


* From IEEE Security and Privacy: Encryption: Security Considerations for Portable Media Devices

This is a nice paper by Faith Heikkila about what you should know about encrypting data on mobile computing and storage devices. Faith provides some great tips and considerations, along with some product sources. The issues are clearly explained and it is easy to read. Check it out.


* From September 21: Ethical hacking courses for sale on eBay

Why is anyone surprised? Considering there have been thousands of these hacking kits sold at these hacking schools, it was inevitable that some of the people taking the courses...of course all the people who have ever taken or will take these courses are completely trustworthy never to share them ;)...would want to sell them to make a little bit of money that they needed to pay for more advanced hacking tools, or to try and recoup some of the money that their employers surprisingly did not reimburse to them to take the course, or, whatever...

Whenever a vendor is offering this kind of course, they have to expect that their products will be re-sold...a security company offering these courses should understand the insider threat is real by now. Even if they send the names of their participants to the FBI.


* From October 16: A CNN video report, "Out of voicemail jail"

Bill Gates basically wants to replace the phone companies and have everyone switch to "unified communications" using his computers and technologies. I bet he does!

But it's in our best interest...according to Mr. Gates it will allow us no downtime so we can be more productive, more efficient, the system allows for face to face communications, and is oh, gosh, ever so neat! Mr. Gates projects 100 million people will be using unified communications in 3 years and that voice mail will become a "thing of the past."

UGH! That's all we need...more expectations that we will be available 24/7 to do work!

I am told I already spend too much time working and not enough down time. I know there are millions of others who are also told that. I don't even have a Blackberry...I refuse to become a slave to my email. But I still seem to be working 7 days a week.

And...I like talking to people on the phone and not worrying about what I look like! Sometimes I want to make a business call after a 5-mile run, while I'm still all red, sweaty and wearing a slightly holey t-shirt and wrinkled shorts...hey, I can think more clearly and creatively after a run! It doesn't matter what people doing business on the phone look like as long as the conversation and communications are good and productive. I sure don't want to have to get office-looking-ready just to communicate with someone over the computer/phone.

Besides just time and practical issues, there are so many security and privacy issues involved. Where will all these "unified communications" transmissions be stored? Copied to? Who will be listening and/or looking in on them? What are the e-discovery issues involved? Are the communications all being archived somewhere? How do we really know what folks are on the other end of the transmission listening in that may not be visible on the screen? Hmm...


Rebecca Herold's Bio:

Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for over 18 years. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca on their list of the 25 top privacy experts and on their list of the 9 best privacy consulting firms. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books, dozens of articles, and has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 11th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.