Read moreEighty percent of the intrusions of your networks today can be handled by patches, anti-virus and user actions. We spend 90 percent of our time on the 80 percent of the issues that could be handled by good hygiene.
Your Trolling Definition is Wrong
It's always good to keep your door open to constructive criticism when creating documents or anything else for that matter. Sometimes you get amazing feedback and sometimes you just get noise. I'm sure you've experienced both ends of the feedback spectrum. In the...Read moreSecurity breaches usually entail more recovery efforts than acts of God. Unlike proverbial lightning, breaches of security can be counted on to strike twice unless the route of compromise has been shut off.
Use Your Gift Card Before Your Waiter Does
Early this week I got a chance to use one of my Christmas presents, a $50 gift card to Outback Steakhouse. I shared dinner with someone special and the night went pretty smoothly. We got the bill for $46.39 and I handed our waiter the gift card. He returned the...Read moreIf security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders.
Read more“Do I want to know why you’re so informed about spyware?” she asked. Nikolaos gave her a charming, dazzling smile. “No, my dear. You do not.”
Exploring Regulated Information: PCI Data
PCI is the Payment Card Industry. The most common standard they provide is the PCI Data Security Standard (PCI DSS). The information this standard protects is considered PCI data. The basic premise is that all cardholder data and sensitive authentication data must be...Read moreWe didn’t install the [Code Red] patch on those DMZ systems because they were only used for development and testing [Shortly after spending 48 hours straight removing Code Red worm from internal corporate servers in 2001].
Exploring Regulated Information: HIPAA Data
HIPAA is the Health Insurance Portability and Accountability Act that was passed by Congress in 1996. HIPAA data is the information that would be covered under this act. Under this act is Protected Health Information (PHI) and ePHI which is only allowed to be viewed...Read moreThe methods that will most effectively minimize the ability of intruders to compromise information security are comprehensive user training and education. Enacting policies and procedures simply won’t suffice. Even with oversight the policies and procedures may not be effective: my access to Motorola, Nokia, ATT, Sun depended upon the willingness of people to bypass policies and procedures that were in place for years before I compromised them successfully.
Exploring Regulated Information: CJIS Data
Next in line for the Exploring Series is exploring regulated information. That is information that is governed by law and punishable by fines or other sanctions if there are data breaches or compliance issues. This is a measure to get organizations to protect data...About
Hi, I'm Roy, I created Best of Roy in college to blog about my interests and fun stuff on the Internet. From there, Best of Roy turned into a portfolio site and eventually turned into the collection of professional and enthusiast interests you see now. I'm originally an IT person by trade, but transitioned to Cyber Security in 2014. Stick around to see some helpful solutions for up and coming pros, all the way up to enterprise level solutions.