Once data has been classified and we know what types of sensitive data a system stores or processes, we have to locate the data we want to protect. Data exists in one of two states – it is either at rest or in transit. We have to ask two questions: 1) Where does the data…
DetailsProtecting sensitive data requires an expenditure of money, time, and effort. We want to protect all of our client’s sensitive data, but we don’t want to waste resources on data that is not sensitive . In addition, some kinds of data require more protection than others. We need a way to identify and classify sensitive…
DetailsWhat is “Sensitive Information”? This second part part of a multi-part series on creating an information management plan for business clients. Basically, any information that your client would not want posted on the bulletin board is potentially sensitive information. Many clients will say that they to not have that much sensitive data on their systems.…
DetailsA second worm to hit the iPhone has been unearthed by security company F-Secure. It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING. It redirects the bank’s customers to a lookalike site with a log-in screen. The worm attacks “jail-broken” phones – a…
DetailsMy apologies for the lapse in Security Corner Posts. The next one will continue the series on building an Information Management Plan for clients. There has been a lot of talk the past couple of weeks about the recently-discovered session renegotiation vulnerability in SSL. If you are interested in the details, here is a link…
DetailsI come from several hundred years of Mennonite tradition as a heritage. In the years of migratory history, our basic tenets were: Exemption from military service Freedom to have our own schools While I’m grateful and proud of our history of peace, I am even more grateful to the veterans and their families that have…
DetailsWOW! That’s the typical response when people’s computer boots up in half the time it did just 10 minutes ago. Chances are quite good you can have this experience. Assuming your Windows computer is spyware, adware and virus-free, there are 5 simple steps you can easily do yourself or have your favourite IT person (we…
DetailsAt least that’s the word from this banking industry report. The explosion of bogus antivirus “rogue” scams is largely responsible for the increase. Targeted phishing attacks (spear phishing) have also risen sharply. Corporate bank accounts are still the juiciest targets, but medium and even small businesses are also being attacked because they often have lower…
DetailsThis will come as no big surprise to most of us, but the threat model for cybersecuriy has shifted considerably in the past couple years. Believe it or not, operating system security has gotten better. The number of vulnerabilities is down, and more people are getting automatic updates and keeping their operating systems patched. This…
DetailsIt’s NOT the Tax Man – It’s ZEUS The biggest email phishing scam on the internet is aimed at Americans, but might even pull in a few Canadians who do business in the US. It asserts that US Internal Revenue Service is contacting you about unclaimed income. Most of us are afraid of those “two…
Details
