Search Results

Imagine this situation: A coworker calls you in a panic. He's facing a fast-approaching deadline, and you are the only person who can help him succeed in getting some critical task done. This hypothetical coworker explains to you what he's working on and how it's critical to the success of the organization in some way; he's at his wits' end in trying to accomplish a portion of that task (say, downloading a critical file from an internal file server), and he's asking you in desperation to help him out. Would you help him? ...

Just a few weeks ago, Lincoln Medical and Mental Health Center learned a hard lesson. If you didn't see the news reports, the N.Y.-based healthcare provider notified over 130,000 individuals that their records -- including diagnostic information, Social Security numbers, dates of birth, and other information of use to identity thieves -- was potentially lost. ...

Did you know everyone has a blind spot? It's true. ...

There's no shame in admitting that audits are hard. For those of us in IT, hearing the word "audit" probably brings up a groundswell of negative connotations and the corresponding aggravation and headache: We know from having lived through it that tech-heavy regulatory audits -- annual PCI assessments, HIPAA audits, ISO, etc. -- cut directly into our staff's ability to get their already-busy jobs done. ...

The No. 1 complaint that I hear from organizations when discussing IT security is that they don't have enough resources to do everything they need to. ...

Over the past few years, it seems like there's one technology that almost everyone is deploying: laptop encryption. All over the industry, in nearly every vertical, it seems like everybody has either just deployed, is deploying, or is about to deploy some type of encryption technology to protect laptop data. ...

Most of us are probably familiar with safe deposit boxes -- you know, the secure storage areas that banks and post offices provide to keep things like jewelry and important documents secure. Even if you've never rented one yourself, chances are you're probably familiar with the concept: a safe place where you can put important and one-of-a-kind items so that they'll be protected should the unexpected occur in your home (like a fire, theft or flood).

Have you ever tried to work when you're really sick? I don't mean a little cough or sniffles. I'm talking about a genuine, drag-out, "can't get out of bed" illness -- the kind where it hurts to stand up, let alone go into the office. ...

Remember the "Scantron" sheets that you had to fill out in school for taking standardized tests -- you know, the ones where you had to fill in the circle with a No. 2 pencil to mark your answer? ...

Well, it's November again -- which means that it's just about time for this year's set of New Year's predictions. Every year around this time, everyone from antimalware companies to analyst firms line up to tell us about the top IT and security trends -- what they are and why we should care. This year, chances are they'll tell us all about cloud computing, virtualization and social networking and why these technologies are the new best (or worst) friends for security folks in 2010. ...

As a resident of New Hampshire, I can tell you that the Old Man of the Mountain is a very tender topic for Granite Staters. If you've never heard of it, the Old Man is -- or rather was -- a natural rock formation that was the spitting image of an old man's face. It was carved out of granite on the slope of Mt. Cannon, and if you've never seen it you can check out what it looked like on the back of the N.H. state quarter. ...

Over the holiday weekend, a family friend (whose husband is a contractor) introduced us to a great concept we hadn't heard before: The concept of "visual yield." It's a concept that I think anybody who's ever been involved in a home improvement project can understand and appreciate -- and it has more to do with information security (and technology in general) than you might think at first blush...

Ed Moyle is currently a manager with CTG's information security solutions practice, providing strategy, consulting and solutions to clients worldwide, as well as a founding partner of Security Curve. His extensive background in computer security includes experience in forensics, application penetration testing, information security audit and secure solutions development...

Everyone knows the old adage that "out of sight" is "out of mind." There's quite a bit of truth to it. It's a facet of human nature that things that are directly in front of our face get noticed, while things that are out of our scope of awareness don't. ...

We all know that some things are easier to do than others. In fact, what separates an average manager from a great one is the ability to balance decisions based on two almost totally unrelated sets of criteria: ease of accomplishment on the one hand vs. value to the organization on the other. ...

Nowadays, being in IT means dealing with audits -- this is true regardless of whether you do business in a regulated industry (e.g., financial services, healthcare), whether you provide service to clients in those industries, or whether your organization has a non-vertical need for audit (i.e., you're a publicly traded company responsible for SOX compliance, or a retailer responsible for PCI compliance)...

"Vendor security questionnaire" -- three innocuous-sounding words that can leave security folks trembling. ...

Let's face facts: It's a hard economy right now. For those of us in the security business, a down economy hits us harder than most other areas of the business. Not only does our budget wallow in the doldrums just like other areas, but at the same time that we're stuck with less funding, the overall risk increases as well. ...

Have you heard the one about the beaver and the lumberjack? I remember it from when I was a kid: ...

Ed Moyle is currently a manager with CTG's information security solutions practice, providing strategy, consulting and solutions to clients worldwide, as well as a founding partner of Security Curve. His extensive background in computer security includes experience in forensics, application penetration testing, information security audit and secure solutions development...