Group items tagged

Is your company keeping information secure? Are you taking steps to protect personal information? Safeguarding sensitive data in your files and on your computers is just plain good business. After all, if that information falls into the wrong hands, it can lead to fraud or identity theft. A sound data security plan is built on five key principles: * Take stock. Know what personal information you have in your files and on your computers. * Scale down. Keep only what you need for your business. * Lock it. Protect the information in your care. * Pitch it. Properly dispose of what you no longer need. * Plan ahead. Create a plan to respond to security incidents. To learn more about how you can implement these principles in your business, play our interactive tutorial. You'll see and hear about practical steps your business can take to protect personal information. After you experience the tutorial, we hope you'll take advantage of the other resources on this site to educate your employees, customers, and constituents. Order copies of our brochure, Protecting Personal Information: A Guide for Business, or publish an article on information security in your newsletter, magazine, or website. All of the information on this site is in the public domain; we hope you'll share it freely.

Social networking users are more vulnerable than ever and taking more risks with their online privacy. According to the 'Bringing Social Security to the Online Community' poll by AVG, while the social networking community has serious concerns about the overall security of public spaces, few are taking the most basic of steps to protect themselves against online crimes. Participants indicated concern over growing phishing, spam and malware attacks, and nearly half of those surveyed are very concerned about their personal identity being stolen in an online community. Despite widespread use of social networks at home and/or at work, 64 per cent of users infrequently or never change their passwords on a regular basis, while 57 per cent infrequently or never adjust their privacy settings. Further, 21 per cent accept contact offerings from members they do not recognise, more than half let acquaintances or roommates access social networks on their machines, 64 per cent click on links offered by community members or contacts and 26 per cent share files within social networks. As a result of this widespread proliferation of links, files and unsolicited contacts, nearly 20 per cent have experienced identity theft, 47 per cent have been victims of malware infections and 55 per cent have seen phishing attacks.

"BlueCross and BlueShield of Tennessee is still scrambling to figure out how much of its members' personal information was put at risk in an Oct. 2 data breach in which 57 hard drives were removed from computer servers at a plan office in Chattanooga, according to a plan spokeswoman. In a telephone interview, Blues spokeswoman Mary Thompson said there were no signs of forced entry and the drives, which Thomson said were between the size of a large book and an 8-track tape cartridge, were taken from a set of active servers in a data storage cabinet. The removal, termed a theft by the plan, was not discovered until Oct. 5, Thomson said"

57 hard drives stolen from active servers and no one noticed? No sign of forced entry? Hmmmm.

The industry coalition says it is enlisting the ISPs in its effort to "curb online theft" but critics say the ISPs are invading their customers' privacy and turning themselves into the Internet Secret Police.

In a study that is unlikely to find favor among privacy advocates, researchers from two academic institutions warned that increased efforts to protect the privacy of health data will hamper the adoption of electronic medical records systems. The study, conducted by researchers at MIT and the University of Virginia, said EMR adoption is often slowest in states with strong regulations for safeguarding the privacy of medical records. On average, the number of hospitals deploying EMR systems was up to 30% lower in states where health care providers are forced to comply with strong privacy laws than it was in states with less stringent privacy requirements. That's because privacy rules often made it harder and more expensive for hospitals to exchange and transfer patient information, thereby reducing the value of an EMR system, the study found.

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

Six out of every 10 employees stole company data when they left their job last year, said a study of US workers. The survey, conducted by the Ponemon Institute, said that so-called malicious insiders use the information to get a new job, start their own business or for revenge. "They are making these judgements based out of fear and anxiety," the Institute's Mike Spinney told BBC News. "People are worried about their jobs and want to hedge their bets," he said. "Our study showed that 59% of people will say 'I'm going to take something of value with me when I go'." The Ponemon Institute, a privacy and management research firm, surveyed 945 adults in the United States who were laid-off, fired or changed jobs in the last 12 months. Everyone that took part had access to proprietary information such as customer data, contact lists, employee records, financial reports, confidential business documents, software tools or other intellectual property.

A consumer reporting agency that failed to properly screen prospective customers and, as a result, sold at least 318 credit reports to identity thieves, has agreed to settle Federal Trade Commission charges that it violated federal law. Under the settlement, the company and its principal must ensure that they provide credit reports only to legitimate businesses for lawful purposes, use a comprehensive information security program, and obtain independent audits every other year for 20 years. The settlement also imposes a $500,000 penalty but suspends payment due to the defendants' inability to pay. According to the FTC, the defendants use sensitive financial data from other consumer reporting agencies to create reports that landlords use to assess potential renters. These reports contain consumers' names, Social Security numbers, birth dates, bank and credit card account numbers, credit histories, and other personal information. The Commission alleges that the company failed to properly screen new customers. The company allegedly requested only publicly-available information from applicants seeking credit reports, and it did not request supporting documentation to establish that an applicant was actually a landlord renting property. As a result, identity thieves posing as property owners were given an account with unlimited online access to credit reports, and the account was used to access at least 318 reports containing sensitive personal information. The FTC charged the defendants with violating the Fair Credit Reporting Act (FCRA) by furnishing credit reports to persons who did not have a permissible purpose to obtain them, and by failing to maintain reasonable procedures to prevent such impermissible disclosures and to verify their customers' identities and how they intended to use the information. The agency also charged them with violating the FTC Act by failing to employ reasonable and appropriate security measures to protect sensitive consumer inform

Woonsocket-based CVS Caremark Corp., the largest U.S. drugstore chain, has agreed to pay $2.25 million to settle federal charges that company employees compromised customer privacy by throwing prescription records and drug bottles into open trash bins. The Federal Trade Commission said its investigation with the Health and Human Services Department followed media reports that trash bins behind CVS pharmacies contained pill bottles bearing patient names, credit-card and insurance information, and Social Security numbers. The company also did not have adequate policies for disposing of that information, and did not sufficiently train employees to dispose of the information properly, the agencies said. The items that were not properly discarded included pill bottles, medication instruction sheets, computer order forms, payroll information, job applications and credit-card and insurance information. Those labels and forms contained personal information including Social Security numbers and credit card and insurance information, and in some cases, driver's license numbers and account numbers. Names of the patients' doctors were also included. The settlement "will restore appropriate privacy protections to tens of millions of people across the country," FTC chairman William Kovacic said in a statement. "It also sends a strong message" that organizations "are required to secure consumers' private information," he said.

There were only two of us on the graveyard shift. "If it's not locked up," a colleague at my first newspaper declared as he snatched a folder of papers from our boss' desk and strode towards the office copying machine, "Xerox it." (Old-tongue for photocopy.) That was long before CDs, and USB drives and, certainly, iPods, but the lesson was the same. If you are stupid about protecting company information, shame on you. I guess that's the message behind the "revelation" released in a survey this week that the majority of people who leave their jobs, voluntarily or otherwise, are taking company information with them. Lots of it. My reaction was the same as when I watched my fellow journalist grab and copy whatever it was that had been so carelessly left in the open. I shrugged. (We are by nature an overly curious species, and that overrides our normally dominant ethics gene.) Data Loss Risks During Downsizing conducted by the Ponemon Institute and sponsored by Symantec, was apparently designed to test the hypothesis that in this dire economy (ominous music in background), former employees are going to take important company information out the door. And, in fact, the poll of 945 former employees who left their jobs or were dismissed in the last 12 months showed that 59% stole company data. What kind of data? Email lists, non-financial business information and customer information, including contact lists. Not the secret formula for Coke, not the clinical trial reports on a cure for cancer, no insider information on proposed mergers and acquisitions. Not even a few thousand credit card numbers. Hardly worthy of shock and dismay. This is what a lot of people do when they leave jobs. Are they supposed to? No. Is it wrong? Yeah, but it's sort of like cheating on taxes. Folks rationalize it in a variety of ways, or it just doesn't weigh heavily enough on their conscience to set off an internal alarm. Most of the people who took data - 79% â

Salesmen and parents know the technique well. It's called the takeaway, and as far as Keith Mularski is concerned, it's the reason he kept his job as administrator of online fraud site DarkMarket. DarkMarket was what's known as a "carder" site. Like an eBay for criminals, it was where identity thieves could buy and sell stolen credit card numbers, online identities and the tools to make fake credit cards. In late 2006, Mularski, who had risen through the ranks using the name Master Splynter, had just been made administrator of the site. Mularski not only had control over the technical data available there, but he had the power to make or break up-and-coming identity thieves by granting them access to the site. And not everybody was happy with the arrangement. A hacker named Iceman -- authorities say he was actually San Francisco resident Max Butler -- who ran a competing Web site, was saying that Mularski wasn't the Polish spammer he claimed to be. According to Iceman, Master Splynter was really an agent for the U.S. Federal Bureau of Investigation. Iceman had some evidence to back up his claim but couldn't prove anything conclusively. At the time, every other administrator on the site was being accused of being a federal agent, and Iceman had credibility problems of his own. He had just hacked DarkMarket and three other carder forums in an aggressive play at seizing control of the entire black market for stolen credit card information. ....In the end they would regret that decision. Iceman was right

A defunct payment gateway has exposed as many as 19,000 credit card numbers, including up to 60 Australian numbers. The discovery by a local IT industry worker was made by mistake and appears to be caused by a known issue with the Google search engine, in which the pages of defunct web sites containing sensitive directories remain cached and available to anyone. The cached data, viewed by iTnews, includes 22,000 credit card numbers, including CVVs, expiry dates, names and addresses. Up to 19,000 of these numbers could be active. Most are customers in the US and Britain although some are Australian. The credit card numbers are for accounts held with Visa, Mastercard, American Express, Solo, Switch, Delta and Maestro/Cirrus. Within the address bars of the cached pages are URLs of companies, including UK retailers of laboratory supplies, sports and health goods, apparel, photo imaging and clothing.

In this new age of data protection, where most information is stored digitally and paper shredding is commonplace, you don't need to worry about private information ending up in the garbage, right? Steve Hunt shows that assumption is just plain wrong (includes video).

For months somebody (I don't know who) has been running a Facebook profile that bears my name, my personal information and several photos of me. An old high school friend had connected with the faker, instead of me. Several of the people with whom fake Matt is friends also appeared to be fakes, including a copycat of Vertex Pharmaceuticals ( VRTX - news - people ) founder and chief executive Joshua Boger. (Boger has a real Facebook profile but isn't friends with me. He declined to comment on the fakesters.) I couldn't see this Fake Matt's profile myself, even by searching for my name.

With mounting concerns over online privacy and information gathering by search engines, Google has come up with a solution, Opt-out village, a 22-acre remote mountain enclave for those obsessed with privacy. According to trusted news network, ONN, access to the new privacy feature is simple. Just click the opt-out button on the Google home page. Within minutes, a van will arrive to sweep you away to Opt-Out Village nestled in the Pacific NorthWest. A team of privacy experts will eliminate your personal identifiers and guarantee that your name and address will not appear on Google local searches.

They may be after the phone, but what about the data? How much of your life is on your mobile device? Some misguided companies let employees use personal devices for work. I wonder what an auditor would say about due diligence and due care when data is leaked through such ignorance. Think, before you set a lax password, or none at all. Karl Thieves are increasingly going after iPhones and other smartphones but victims now can fight back with technology. One device allows a user to remotely activate a loud siren designed to rattle the thief. Another application, designed for iPhones, can reveal the phone's location. Police statistics show petty crime is down in New York but anecdotal evidence and recent headlines about street muggings targeting costly and coveted devices like Apple's iPhone and T-Mobile's Sidekick have disturbed smartphone users concerned about protecting access to e-mail, passwords and other data.

Thieves are increasingly going after iPhones and other smartphones but victims now can fight back with technology. One device allows a user to remotely activate a loud siren designed to rattle the thief. Another application, designed for iPhones, can reveal the phone's location. Police statistics show petty crime is down in New York but anecdotal evidence and recent headlines about street muggings targeting costly and coveted devices like Apple's iPhone and T-Mobile's Sidekick have disturbed smartphone users concerned about protecting access to e-mail, passwords and other data.

What would you think if I told you that I could walk into your datacenter, grab 10 of your servers and walk out without lifting any equipment or leaving any trace forensic evidence behind? With the growing momentum in the federal government for cloud computing and virtualization, this worst case scenario will become reality for some agencies leading the charge into the cloud. Here's why:

"Imagine that you are vacationing and get a phone call from your neighbor telling you that your alarm just went off, but there is nothing you can do about it. You don't know what set it off and if it is just a fluke. You find yourself now wide awake, asking yourself why you got the alarm to begin with. For iPhone users, the solution to this kind of situation lies in an application provided by CAVU Mobile Surveillance Solution. This app allows you to view live footage taken from any security camera on your iPhone, transforming it into a portable advanced home security system. With the CAVU Mobile Surveillance Solution, the next time a neighbor calls to tell you that your alarm has gone off again, you can automatically see what is going on inside your house on our phone- no matter where you are. This application also lets you save footage on your phone, which is useful in case you need to show/reference the footage on the go. From your phone you can even control the position of the camera - providing you with multi-camera views. If you're thinking to yourself right now about how you wish you had been nicer to your neighbor, because then he/she would be more likely to actually call you to tell you that there is a good chance you're being robbed- stop. This iPhone app also allows for poor neighbor to neighbor relations. It provides a self sufficient, independent of any neighbor, surveillance system on your phone to tell your that there is suspicious action going on. For a cool $19.99 you can be your own FBI squad team, the C, the, S and the I in CSI Crime Scene Investigation, and most importantly, sure that your home is safe."

On June 25, 2011, the Social Security Administration (SSA) will began assigning random Social Security Numbers (SSN). The current numbering process had been in place since it was created in 1936.