HIPAA

With the importance of protecting our healthcare information and the HIPAA law that mandates the data’s protection, recent attempts at implementing the Affordable Care Act, using the “healthcare.gov” website have failed on many levels. Shengru Tu, Professor of Computer Science at the University of New Orleans, stated in the article “Problems with Affordable Care Act … Read more

Chain Emails

The organization that you work for has an email policy that prohibits forwarding chain e-mail. What is the purpose for implementing such a rule within the company’s policy? The obvious answer is probably the most practical.  By having a security policy in place prohibiting chain emails, you can cut down on inane interruptions to workflow … Read more

Audits

Why is it important to involve a wide variety of employees during the audit process? Auditing isn’t only a critical procedure, it can also be an informative one.   By involving all facets of employment in an auditing procedure, you gain perspectives and flesh out misconceptions from the ground up.  By involving everyone from the … Read more

Password Crisis

Recent events have brought to light the vulnerability of our industry, and our systems in general. Late last month, immediately following the election, where numerous radio stations were hijacked and involuntarily played offensive content. (Ars Technica, 2016) Though no charges were filed for the involuntary breach of compliance, one can see where this new possibility … Read more

Social Engineering

What makes social engineering so successful? Demographically speaking, list in order the people most susceptible to least susceptible affected by social engineering. Give at least three different groups. There’s a sucker born every minute” – P.T. Barnum.  …probably.  Social Engineering works because it exploits the machinations of community.  You trust your neighbor because you want … Read more

Protecting your data on the web from e-mail to e-commerce: What the average user needs to know.

It seems almost everyday someone from the sales department asks me, ‘Why is security important?’ ‘Why do we have passwords on everything?’ ‘Can’t we make it easier?’ We do a lot of our business online, and email is an integral part of our organization. If any of our clients data is ever compromised we could … Read more

Sustainable Security

Past Practices in Information Security and Potential Predictions of Future Vulnerabilities I remember the day I became interested in computer security. I was thirteen years old, and it was the year 2000. Everyone was in a panic over the computers, proclaiming the end of the world, and as a susceptible and impressionable teenager, I believed … Read more