Skip to main content

Home/ CIPP Information Privacy & Security News/ Group items tagged following

Rss Feed Group items tagged

Karl Wabst

MediaPost Publications While You're Here: Crafting the 'Following Salesman' 07/22/2011 - 0 views

  •  
    If done artfully and well, mobile media and technology is capable of reversing a century-old model of selling -- where salespeople went to people's homes or waited for interested consumers to come to them. In some ways, mobile replaces the traveling and in-store salesmen with the newer (albeit slightly creepy) model of the "following salesman."
Karl Wabst

Twitter tools :: BtoB Magazine - 0 views

  •  
    With Twitter firmly established as the "conversation place to be," marketers are beginning to look for where they fit in. And that means tools. For the uninitiated, Twitter is a service that lets individuals exchange 140-character messages-via computer or mobile device-with groups of "followers." The result is a fast-and-loose, multidimensional conversation that falls somewhere in between blogging and text messaging, happening in real time between millions of users around the world. Luckily, the Web interface for Twitter.com is just the start of many ways to interact with and glean intelligence from Twitter conversations. There is big potential value for tapping into the Twitter-stream for insights into what customers are saying about your company's brand and its market. "Millions are leaning on Twitter pretty hard as a way to network and communicate with contacts new and old," said John Jatsch, a social marketing expert and operator of Duct Tape Marketing. He added that marketers have many options for how to use Twitter, including connecting with customers, monitoring conversations and testing new ideas. To use Twitter to its fullest, b-to-b marketers should consider using the following handful of tools and services: ??Twitter clients. It doesn't take long for most Twitter users to move beyond using Twitter.com to post and monitor their posts or "tweets." There are much more powerful tools at your disposal for reading, filtering, searching and posting to Twitter.com. The list of Twitter clients includes popular Mac client Twitterific; Adobe Air-based clients such as Twhirl, Tweetr and Spaz; Firefox add-ons like Twitterfox and TwitBin; and software that lets you track multiple social engines-such as Facebook, FriendFeed and even instant messaging as well as Twitter-like Digsby and AlertThingy. A new client receiving a lot of buzz is TweetDeck, which features a huge but customizable user interface that makes it easier to track posts, re
Karl Wabst

Visa: New payment-processor data breach not so new after all - security breach - Comput... - 0 views

  •  
    Days after Visa seemingly confirmed that a data breach had taken place at a third payment processor, following on the recent breach disclosures by Heartland Payment Systems and RBS WorldPay, the credit card company now is saying that there was no new security incident after all. In actuality, Visa said in a statement issued Friday, alerts that it sent recently to banks and credit unions warning them about a compromise at a payment processor were related to the ongoing investigation of a previously known breach. However, Visa still didn't disclose the identity of the breached company, nor say why it is continuing to keep the name under wraps. Visa said that it had sent lists of credit and debit card numbers found to have been compromised as part of the investigation to financial institutions "so they can take steps to protect consumers." It added that it currently "is risk-scoring all transactions in real-time, helping card issuers better distinguish fraudulent transactions from legitimate ones." Visa's latest statement follows ones issued by both it and MasterCard International earlier this week in response to questions about breach notices that had been posted by several credit unions and banking associations. The notices made it clear that they weren't referring to the system intrusion disclosed by Heartland on January 20 and suggested that a new breach had occurred.
Karl Wabst

Q&A: Advice to the next Homeland Security CPO - 0 views

  •  
    Outgoing CPO of the Department of Homeland Security Hugo Teufel discusses his team's accomplishments and the challenges ahead for his successor. If you had a chance to pose any question to the person in charge of protecting Americans' privacy as the U.S. Department of Homeland Security executes its mission, what would you say? I had that chance this month when Hugo Teufel, departing chief privacy officer at the DHS, delivered an address, entitled "Reflections on My Time as DHS CPO of the War on Terror," to the Twin Cities Privacy Retreat. After the address, I cornered Teufel for some follow-up questions. Those and his answers follow.
Karl Wabst

Commercial Twitter spamming tool hits the market | Zero Day | ZDNet.com - 0 views

  •  
    Last week, a commercial Twitter spamming tool (tweettornado.com) pitching itself as a "fully automated advertising software for Twitter" hit the market, potentially empowering phishers, spammers, malware authors and everyone in between with the ability to generate bogus Twitter accounts and spread their campaigns across the micro-blogging service. TweetTornado allows users to create unlimited Twitter accounts, add unlimited number of followers, which combined with its ability to automatically update all of bogus accounts through proxy servers with an identical message make it the perfect Twitter spam tool. TweetTornado's core functionality relies on a simple flaw in Twitter's new user registration process. Tackling it will not render the tool's functionality useless, but will at least ruin the efficiency model. Sadly, Twitter doesn't require you to have a valid email address when registering a new account, so even though a nonexistent@email.com is used, the user is still registered and is allowed to use Twitter. So starting from the basics of requiring a validation by clicking on a link which will only be possible if a valid email is provided could really make an impact in this case, since it its current form the Twitter registration process can be so massively abused that I'm surprised it hasn't happened yet. Once a Twitter spammer has been detected, the associated, and now legitimate email could be banned from further registrations, potentially emptying the inventory of bogus emails, and most importantly making it more time consuming for spammers to abuse Twitter in general. If TweetTornado is indeed the advertising tool of choice for Twitter marketers, I "wonder" why is the originally blurred by the author Twitter account used in the proof (twitter.com/AarensAbritta) currently suspended, the way the rest of the automatically registered ones are? Pretty evident TOS violation, since two updates and 427 followers in two hours clearly indicat
Karl Wabst

Getting PCI compliant - 0 views

  •  
    Date: Tuesday, February 10, 2009 Time: 2:00 p.m. EST/11:00 a.m. PST Follow the link below to register: http://sc.haymarketcomm.net/r/?ZXU=775318&ZXD=33050957 Organizations are still struggling to get into compliance with PCI DSS, especially as the PCI Security Standards Council continues to update and tweak the standards. There's much to keep in mind and even more to do in order to adhere to the mandates, so what are the critical steps to get there. Experts share their know-how. Featured speakers Rich Mogull, L.L.C., Founder and Principle Analyst, Securosis Murray Rosenthal, CISA, Senior Policy Analyst - Security I&T Strategic Planning & Architecture Information & Technology Division, City of Toronto Sponsored by Symantec http://sc.haymarketcomm.net/r/?ZXU=775319&ZXD=33050957 Follow the link below to register: http://sc.haymarketcomm.net/r/?ZXU=775320&ZXD=33050957
Karl Wabst

Consumer Policy Solutions :: New Survey Raises Consumer Online Privacy Awareness - 0 views

  •  
    Jan. 27 /PRNewswire-USNewswire/ -- Consumer Policy Solutions today released a new survey examining consumer awareness and understanding of online privacy. With Data Privacy Day tomorrow, this is an especially timely survey intended to help raise consumer awareness of privacy issues and give consumers the knowledge and tools needed for the privacy they desire online. Many consumers are not fully aware of the implications of their online activity and the "virtual breadcrumbs" they inadvertently leave behind when roaming from site to site. This survey, which follows closely on the heels of a Consumer Policy Solutions survey released in May that revealed protecting personal privacy is a top consumer concern, takes a closer look at consumers understanding of online privacy. Many respondents were unaware of the tracking, collecting and sharing of information that occurs as a result of online activities. "Consumers care about protecting their privacy on the Internet, but they do not necessarily know how to protect themselves nor do they understand how the process works," said Debra Berlyn, president of Consumer Policy Solutions. "Today is a great day to raise awareness of what the issues are for consumers. I think our survey serves as a good gauge of how consumers view their privacy online." In response to the findings of the survey, Consumer Policy Solutions is launching a website www.ConsumerPrivacyAwareness.org dedicated to educating and informing consumers about online privacy issues. The survey found that: * Consumers think they are knowledgeable about online privacy, but many are unaware of how their activity and behaviors can be followed and collected online. o 70% of Internet users say they are very or fairly knowledgeable about how to protect their personal privacy online o 42% are unsure whether their online activity is tracked and recorded by companies for commercial purposes o 12% believe that tracking by companies for co
Karl Wabst

Advertising - Two-Thirds of Americans Object to Online Tracking, Study Says - NYTimes.com - 0 views

  •  
    ABOUT two-thirds of Americans object to online tracking by advertisers - and that number rises once they learn the different ways marketers are following their online movements, according to a new survey from professors at the University of Pennsylvania and the University of California, Berkeley.
  •  
    ABOUT two-thirds of Americans object to online tracking by advertisers - and that number rises once they learn the different ways marketers are following their online movements, according to a new survey from professors at the University of Pennsylvania and the University of California, Berkeley.
Karl Wabst

IT staff snooping on colleagues on rise: survey | Technology | Reuters - 0 views

  • More than one-third of information technology professionals abuse administrative passwords to access confidential data such as colleagues' salary details or board-meeting minutes, according to a survey. Data security company Cyber-Ark surveyed more than 400 senior IT professionals in the United States and Britain, and found that 35 percent admitted to snooping, while 74 percent said they could access information that was not relevant to their role. In a similar survey 12 months ago, 33 percent of IT professionals admitted to snooping. "Employee snooping on sensitive information continues unabated," Udi Mokady, CEO of Cyber-Ark, said in a statement. Cyber-Ark said the most common areas respondents indicated they access are HR records, followed by customer databases, M&A plans, layoff lists and lastly, marketing information. "While seemingly innocuous, (unmanaged privileged) accounts provide workers with the 'keys to the kingdom,' allowing them to access critically sensitive information," Mokady said. When IT professionals were asked what kind of data they would take with them if fired, the survey found a jump compared with a year ago in the number of respondents who said they would take proprietary data and information that is critical to maintaining competitive advantage and corporate security. The survey found a six-fold increase in staff who would take financial reports or merger and acquisition plans, and a four-fold increase in those who would take CEO passwords and research and development plans.
  •  
    You systems administrator knows more about you than you think.
  •  
    More than one-third of information technology professionals abuse administrative passwords to access confidential data such as colleagues' salary details or board-meeting minutes, according to a survey. Data security company Cyber-Ark surveyed more than 400 senior IT professionals in the United States and Britain, and found that 35 percent admitted to snooping, while 74 percent said they could access information that was not relevant to their role. In a similar survey 12 months ago, 33 percent of IT professionals admitted to snooping. "Employee snooping on sensitive information continues unabated," Udi Mokady, CEO of Cyber-Ark, said in a statement. Cyber-Ark said the most common areas respondents indicated they access are HR records, followed by customer databases, M&A plans, layoff lists and lastly, marketing information. "While seemingly innocuous, (unmanaged privileged) accounts provide workers with the 'keys to the kingdom,' allowing them to access critically sensitive information," Mokady said. When IT professionals were asked what kind of data they would take with them if fired, the survey found a jump compared with a year ago in the number of respondents who said they would take proprietary data and information that is critical to maintaining competitive advantage and corporate security. The survey found a six-fold increase in staff who would take financial reports or merger and acquisition plans, and a four-fold increase in those who would take CEO passwords and research and development plans.
Karl Wabst

Generally Accepted Privacy Principles Intro - 0 views

  •  
    At a minimum, we need some sort of framework to act as a guide for protecting the privacy of various types of personally identifiable data that we generate, store or consume and share with others.
    The following section introduces the Generally Accepted Privacy Principles (GAPP), developed by the A
Karl Wabst

Selling Change - What Is In It For Me? - 0 views

  •  
    Several years ago I was helping firms prepare for their first SOX (Sarbanes-Oxley) compliance audits. Following is one of the experiences I had training corporate executives, staff and even auditors about the benefit of selling change...

    I walked into the Chief Information Officer's office, not k
Karl Wabst

Federal data breach notification law passes in U.S. House - 0 views

  •  
    "The United States House of Representatives took a major step this week toward enacting a national data breach notification law. H.R. 2221, the Data Accountability and Trust Act (DATA), cleared the House with a voice vote. In its current form, DATA requires businesses to notify customers and the Federal Trade Commission (FTC) if sensitive information has been exposed to a security breach. If the U.S. Senate can reconcile its own approach to data breach notification legislation with DATA, a new federal standard will emerge. If signed into law by President Barack Obama, a federal data breach ¬law would pre-empt the jumbled mass of dozens of state laws. "You'd be better served by federal legislation if the federal legislation has teeth and doesn't pre-empt the state's law," said California state senator Joe Simitian, speaking to executive editor Scot Petersen in September. "If there was a meaningful standard at the national level, I think many states would be happy to accept it." Aside from the data breach notification required by the HITECH Act, DATA would put into place the first national law of its kind. H.R. 2221 was sponsored by House Subcommittee Chair Rep. Bobby L. Rush of Illinois. The bill specifically states that: "Any person engaged in interstate commerce that owns or possesses data in electronic form containing personal information shall, following the discovery of a breach of security of the system maintained by such person that contains such data -- 1. notify each individual who is a citizen or resident of the United States whose personal information was acquired by an unauthorized person as a result of such a breach of security; and 2. notify the Federal Trade Commission."
Karl Wabst

Morrison & Foerster : Legal Updates & News : Legal Updates : Court Issues Decision Limi... - 0 views

  •  
    "Yesterday, the U.S. District Court for the District of Columbia issued the attached opinion upholding the American Bar Association's challenge to the FTC's Identity Theft Red Flags Rule and enjoining the FTC from enforcing its Rule against lawyers. This memorandum opinion follows an October 29 oral argument and bench ruling. This ruling may have significance beyond the legal profession, and may limit the FTC's ability to enforce its Red Flags Rule against professionals, retailers, health care providers and other businesses that bill their clients and customers in a manner similar to lawyers. "
Karl Wabst

Verizon report goes deep inside data breach investigations - 0 views

  •  
    "Hackers are using a variety of weapons and exploiting errors such as default passwords and weak or misconfigured access control lists (ACLs), according to the latest Verizon Business Data Breach Investigations Report. The follow-up to April's 2009 Data Breach Investigation Report looks under the hood of the company's probes, analyzing how breaches happen and how to protect sensitive data. "Customers who read the 2009 Data Breach Investigation Report said they wanted to know how these attacks take place, give some examples from our caseloads and see if those circumstances can happen to them," said Wade Baker, Verizon Business research and intelligence principal. "
Karl Wabst

Group: Online Ad Networks Mostly Comply With Privacy Rules - PC World - 0 views

  •  
    "Despite concerns from some privacy groups and U.S. lawmakers about behavioral advertising, most large advertising networks generally comply with a set of privacy and data-handling standards adopted by the Network Advertising Initiative a year ago, the NAI said in a report released Wednesday." ...NAI, whose members include Google, Yahoo and Advertising.com, should be praised for doing a compliance report after skipping it for several years, said Ari Schwartz, vice president and chief operating officer CDT. However, the group should consider using a third party to audit compliance of its privacy guidelines, instead of having NAI staff do the audits, he said. In addition, while NAI members appear to be following most of the guidelines, some of the privacy safeguards are "weak," including the data retention standard, he said. "There's no maximum for data retention -- they just have to state what their data retention policy is," Schwartz added. The NAI report doesn't lessen the need for new privacy laws, Schwartz said. Several online advertising networks are not members of NAI, and the recent public pressure has led to the NAI updating 8-year-old guidelines last year and issuing a compliance report for the first time in several years, although the group had promised regular reports, he said. "It seems that when there's regulatory pressure, they actually do comply with what they said they were going to do," he said. "We certainly wouldn't want to see any regulatory pressure lifted."
  •  
    Worth a read. The story changes quite a bit from the top to bottom of the story.
Karl Wabst

FOXNews.com - Terror Plot Provides Snapshot of Struggle Between Security, Privacy - 0 views

  •  
    "The attempted attack on a Detroit-bound flight last week, along with the events preceding and following it, has provided a snapshot of the ongoing struggle to balance civil liberties and national security. President Obama on Tuesday admitted a "systemic failure" on multiple levels in the run-up to the attempted bombing. Suspect Umar Farouk Abdulmutallab was in a terror database of more than a half-million people but was not on a "no-fly" list. The administration has initiated a review of airport security and the watch-list system in the wake of the failed plot. But so far, analysts say what happened is emblematic of the struggle between privacy and security interests. "It's just (an) inability to understand the right way to strike the balance that's at fault," said constitutional attorney David Rivkin. Airlines don't have access to the government's comprehensive terrorist database. They screen travelers based on the smaller, "no-fly" list."
  •  
    Perhaps this is more a question of trust (not privacy) versus security. Do we really trust our government and its agents to handle private information securely?
Karl Wabst

UN issues call for international privacy agreement * The Register - 0 views

  •  
    "A UN watchdog has called for a new international agreement on privacy following a review of the expanding global array of surveillance measures and databases advanced by governments in the cause of counter-terrorism. The special rapporteur on human rights, Martin Scheinin, said the UN should create a "a global declaration on data protection and data privacy" in response. His report, delivered to the UN's Human Rights Council, describes the expansion of watchlists, border checks, financial data sharing, interception of communications, biometrics and ID registers in recent years. "States no longer limit exceptional surveillance schemes to combating terrorism and instead make these surveillance powers available for all purposes," he added."
Karl Wabst

Heartland, After The Hacking -- InformationWeek - 0 views

  •  
    "On January 20, 2009, Heartland Payment Systems reported discovering malicious software in its payment processing system, a security breach of potentially massive magnitude given that the company's handles 100 million transactions per month for more than 250,000 businesses. While the monetary and data loses following from the penetration of Heartland's systems -- the compromise that lasted for months -- are still being determined, the financial impact on Heartland's stock price alone was devastating. " The breach, in conjunction with the economic downturn, led to the loss of about $500 million in shareholder value, more than three-quarters of the company's market capitalization, two months after the news was announced. And then there's the cost of more than several dozen breach-related lawsuits filed against the company this year and related expenses. According to slides presented in August at a National Retail Federation Conference by Robert O. Carr, Heartland's founder, chairman and CEO, the breach cost the company $32 million in legal fees, fines, settlements, and forensics during just the first half of the year.
Karl Wabst

Are retailers going too far tracking our Web habits? - USATODAY.com - 0 views

  •  
    "Sherry Natoli is followed everywhere she goes while shopping online, but she doesn't mind at all. Natoli, who owns a seashell business in Tampa, does all but her grocery shopping on the Internet and even opts in whenever she's asked whether she's willing to have her online movements tracked by websites." Companies have been monitoring our online behavior for almost as long as there's been an Internet, often using our online footsteps (cookies) whenever we search, browse or buy online. Tracking technology has advanced so much that everything from how long we linger over a product description to whether we are searching for sexual-dysfunction drugs can be collected and stored on individual profiles. Our profiles are numeric descriptions, not our real names, but in some cases, it's not hard to determine personal information behind the numbers. Privacy concerns abound, and several privacy and consumer groups are urging Congress to enact laws on what can and can't be collected and for how long.
Karl Wabst

EU starts action against Britain over data privacy | Industries | Technology, Media & T... - 0 views

  •  
    The European Commission started legal action against Britain on Tuesday for what the EU executive called a failure to keep people's online details confidential. EU Telecoms Commissioner Viviane Reding said the action related to how Internet service providers used Phorm (PHOR.L) technology to send subscribers tailor-made advertisements based on websites visited. Reding said Internet users in Britain had complained about the way the UK applied EU rules on privacy and electronic communications that were meant to prohibit interception and surveillance without the user's consent. "Technologies like Internet behavioural advertising can be useful for businesses and consumers but they must be used in a way that complies with EU rules," Reding said in a statement. "We have been following the Phorm case for some time and have concluded that there are problems in the way the UK has implemented parts of the EU rules on the confidentiality of communications," Reding said. She called on Britain to change its national laws to ensure there were proper sanctions to enforce EU confidentiality rules. Unless Britain complies, Reding has the power to issue a final warning before taking the country to the 27-nation EU's top court, the European Court of Justice. If it rules in favour of the European Commission, the court can force Britain to change its laws. (Reporting by Huw Jones, editing by Dale Hudson)
  •  
    making best indexing in goggle and bing. RADJASEOTEA is a master of backlinks. You want indexing in goggle and bing. LOOK THIS www.fiverr.com/radjaseotea/making-best-super-backlink-143445
1 - 20 of 92 Next › Last »
Showing 20 items per page