I’ve been reading up on new products lately and there are certainly some interesting ones out there. But what’s also interesting is that many vendors still include the great security lie in their product literature.  Sometimes it’s up front, sometimes it’s buried, but it’s easy to spot because it contains a phrase like, “absolutely secure”, […]

The Internet has been around so long that domain registrations have become a commodity.  The competition is fierce, and margins are small. Registrars compete for your business not only on price, but also on added features like bundled hosting and DNS service. And among the sales tactics is the offer of free domain registrations. The […]

Non-profits, co-ops, and other organizations that depend upon volunteers often have challenges when it comes to protecting corporate information assets against individuals who leave the organization.  For example, I’ve recently been dealing with a situation involving the use of Yahoo Groups.  While it’s a great way to share information with a group of people, here’s […]

Sometimes in security, and life in general, it’s the seemingly small issues that cause problems.  As the saying goes, “The devil is in the details.” Take dates for example.  If I were to suggest we meet for a 10:00 coffee on 07/10/09, when should you show up?  Most of you would assume that 09 is 2009.  […]

There’s a lot of information about the Payment Card Industry Data Security Standard (PCI DSS) on the Internet, but if you’re looking for a good overview, check out eNable’s Quick Guide to PCI Compliance video.  Their fifteen-minute presentation is both technically correct and presented in language that anyone can understand – a refreshing change […]

One of the reasons that security programs aren’t always as effective as they should be is that organizations of all sizes often fail to ask the most important question: What is security? Security is often categorized as physical security, personnel security and information security. Much of the reason is historical.  Back before computers, corporate security […]

During the last decade a lot of money has been spent trying to protect information systems. Firewalls, intrusion detection systems, two-factor authentication and other technical controls sometimes make good business sense when applied as part of a comprehensive security program.  But what we’re not good at yet is the human firewall. Scott Wright, an Ottawa-based security […]

Starting today, Passports or Enhanced Driver’s Licences will be needed to drive across the Canada/US border. I don’t have any issue with requiring proof of identity and citizenship to cross an international border, and I really like the concept of offering a wallet-size alternative to the passport. But adding RFID to that wallet-sized card is […]

I’ve been avoiding writing about pandemic planning for a while because there has simply been too much hype.  But there is a positive side to all this:  Companies, through their pandemic planning, are hopefully making workplaces safer and taking a look at their business continuity plans. Every year we have “flu season”.  And every year […]

There’s a great poster over at Despair Inc. that reads, “It could be that the purpose of your life is only to serve as a warning to others.” In the security field we strive to keep our employers and clients out of that category.  However, reality is such that we often learn best from our mistakes […]

Twitter was abuzz again last week due to another security breach.  In summary, a criminal claims to have obtained access to a Twitter administrator’s Twitter password by guessing the secret question to reset the administrator’s password on a Yahoo e-mail account. Twitter confirmed that the intruder gained access to information on ten accounts including […]

When it comes to children and the Internet, there is no substitute for parental supervision. It’s certainly not wrong to use parental control software, but parents must understand that software is intended to assist, not do their job for them. The problem is that many vendors don’t seem to appreciate the difference. Thanks to Norton, […]