Group items tagged

A typical lost or stolen laptop costs employers $49,246, mostly due to the value of the missing intellectual property or other sensitive data, according to an Intel-commissioned study made public Wednesday. "It is the information age, and employees are carrying more information on their laptops than ever before," according to an analysis done for Intel by the Michigan-based Ponemon Institute, which studies organizational data-management practices. "With each lost laptop there is the risk that sensitive data about customers, employees and business operations will end up in the wrong hands." The five-month study examined 138 laptop-loss cases suffered over a recent 12-month period by 29 organizations, mostly businesses but also a few government agencies. It said laptops frequently are lost or stolen at airports, conferences and in taxis, rental cars and hotels. About 80 percent of the typical cost - or a little more than $39,000 - was attributed to what the report called a data breach, which can involve everything from hard-to-replace company information to data on individuals. Companies then often incur major expenses to prevent others from misusing the data. Lost intellectual property added nearly $5,000 more to the average cost. The rest of the estimated expense was associated with such things as investigative costs, lost productivity and replacing the laptop. Larry Ponemon, the institute's chairman and Advertisement founder, said he came up with the cost figure based on his discussions with the employers who lost the laptops. When he later shared his findings with the companies and government agencies, he said, some of their executives expressed surprise at the size of the average loss. But he noted that one of the employers thought the amount could have been even higher.

The loss of personally identifiable information, such as an individual's Social Security number, name, and date of birth can result in serious harm, including identity theft. Identity theft is a serious crime that impacts millions of individuals each year. Identity theft occurs when such information is used without authorization to commit fraud or other crimes. While progress has been made protecting personally identifiable information in the public and private sectors, challenges remain. GAO was asked to testify on how the loss of personally identifiable information contributes to identity theft. This testimony summarizes (1) the problem of identity theft; (2) steps taken at the federal, state, and local level to prevent potential identity theft; and (3) vulnerabilities that remain to protecting personally identifiable information, including in federal information systems. For this testimony, GAO relied primarily on information from prior reports and testimonies that address public and private sector use of personally identifiable information, as well as federal, state, and local efforts to protect the security of such information. GAO and agency inspectors general have made numerous recommendations to agencies to resolve prior significant information control deficiencies and information security program shortfalls. The effective implementation of these recommendations will continue to strengthen the security posture at these agencies. Identity theft is a serious problem because, among other things, it can take a long period of time before a victim becomes aware that the crime has taken place and thus can cause substantial harm to the victim's credit rating. Moreover, while some identity theft victims can resolve their problems quickly, others face substantial costs and inconvenience repairing damage to their credit records. Some individuals have lost job opportunities, been refused loans, or even been arrested for crimes they did not commit as a result of identit

The loss of personally identifiable information, such as an individual's Social Security number, name, and date of birth can result in serious harm, including identity theft. Identity theft is a serious crime that impacts millions of individuals each year. Identity theft occurs when such information is used without authorization to commit fraud or other crimes. While progress has been made protecting personally identifiable information in the public and private sectors, challenges remain. GAO was asked to testify on how the loss of personally identifiable information contributes to identity theft. This testimony summarizes (1) the problem of identity theft; (2) steps taken at the federal, state, and local level to prevent potential identity theft; and (3) vulnerabilities that remain to protecting personally identifiable information, including in federal information systems. For this testimony, GAO relied primarily on information from prior reports and testimonies that address public and private sector use of personally identifiable information, as well as federal, state, and local efforts to protect the security of such information. GAO and agency inspectors general have made numerous recommendations to agencies to resolve prior significant information control deficiencies and information security program shortfalls. The effective implementation of these recommendations will continue to strengthen the security posture at these agencies. Identity theft is a serious problem because, among other things, it can take a long period of time before a victim becomes aware that the crime has taken place and thus can cause substantial harm to the victim's credit rating. Moreover, while some identity theft victims can resolve their problems quickly, others face substantial costs and inconvenience repairing damage to their credit records. Some individuals have lost job opportunities, been refused loans, or even been arrested for crimes they did not commit as a result of identit

The recent U.S. stimulus bill includes $18 billion to catapult the health industry toward the world of electronic health records. This is sure to light a fire under every hungry security vendor to position itself as the essential product or service necessary to achieve HIPAA compliance. It should also motivate healthcare IT professionals to learn where their sensitive data is located and how it flows. To be sure, with federal money allocated through 2014 for the task of modernizing the healthcare industry there will be many consultant and vendor businesses that will thrive on stimulus money. Healthcare is unique in that storage of electronic health records is highly distributed between primary care physicians, specialist doctors, hospitals, and insurance/HMO organizations. Information has to be efficiently shared among these entities with great sensitivity towards patient privacy and legitimate claims processing. Patients want to prevent over zealous employers from performing unauthorized background checks on medical history; claim processors want to prevent paying fraudulent claims arising from targeted patient identity theft. The bill has two provisions which turn this into a tremendously challenging plan, and a daunting task for securing patient data: * Citizens will have the right to monitor and control use of their own health data. This implies a large centralized identity and access control service, or perhaps a federated network of patient registration directories. Authenticated users will be able to reach into the network of health databases audit use of their data and payment history. * Health organizations suffering loss of more than 500 patient records must publicly disclose the breach, starting with postings on the government's Health and Human Services website. This allows related organizations to trace the impact of the breach throughout the healthcare network, but care must be taken not to disclose vulnerabilities in the system to intruders

The reality of any new technology, security or otherwise, rarely lives up to its promise. Once you move past the bright sheen of the product brochures and top-level user interfaces, only the practicalities of implementing the product in the real world remain. This is especially true of newer technologies we have little prior experience with, where our product expectations are defined by marketing, the press, and the rare peer reference. It's only after these tools are tested in the real world, under full production conditions, that we really start learning how to either best implement them, or kick them back to the vendor for a little more polish (and a compelling business use). Data loss prevention (DLP) is one of the most promising, and least understood, security technologies to emerge during the last few years. It dangles promises of ubiquitous content protection before our eyes, with shadows of complexity and costs glooming over its shoulder. As with everything, the reality is somewhere in-between. We've interviewed dozens of DLP users (including our own contacts, random volunteers and vendor references) to find out how DLP works in the trenches of the real world. The result is a collection of lessons learned and use cases to help you avoid common pitfalls while deriving maximum value. Lesson 1: Users are confused by a confusing market Lesson 2: Full DLP solutions take more effort to deploy, but are more effective and easier to manage Lesson 3: Set the right expectations and workflow early Lesson 4: Poor identity management hinders good DLP Lesson 5: False positives are a manageable concern Lesson 6: Progressive deployments are most effective Lesson 7: Endpoint DLP is still more limited than network or discovery Lesson 8: Content discovery is hot

www.killdo.de.gg Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com

"CRM systems are full of data that's valuable to your company. Or at least, it better be. But CRM systems are not at the top of the list for external hackers, so why should it be on your priority list for an ILP/DLP system? Let's start by clearing up a misconception: the external hacker is rarely your biggest concern, particularly for a CRM system. The most dangerous breaches come from your own employees, particularly the disgruntled ones. Given the number of layoffs and the turnover of sales reps these days, the risk has grown. Your employees not only have access to a significant amount of data, but also know what the data means and how to separate the marginal from the important."

"If there was anything even vaguely comforting about the data breaches that were announced this year, it was that many of them stemmed from familiar and downright mundane security failures. Companies continued to be felled more by usual issues such as lost laptops, un-patched or poorly coded software, inadvertent disclosures and rogue insiders, rather than by sneaky new attack techniques or devastating new hacker tools. "

Preventable data loss damages customer trust and corporate trust.

As USB devices have evolved into useful storage media, they've also turned into a security nightmare for agencies. The usage of USB devices should be encouraged and embraced to improve productivity, but they also must be managed to minimize the risks inherent with these tools. This paper discusses how USB devices have evolved and looks in-depth at the productivity benefits as well as the potential risks these devices can introduce if not managed properly. This paper also offers recommendations on how to balance the productivity versus risk challenge and highlights how government agencies can effectively manage the usage of USB devices and prevent data loss and malware introduction.