Author Archives: Steve Addison

Security Awareness and Climate Change – Scaring People is Not the Right Approach

Far too many security awareness training programs start with a series of horror stories about hackers and identity theft, lost money and damaged reputations, privacy breaches and deleted computer files. Before long, the average student starts to tune out – … Continue reading

Posted in Education, Information Security | 1 Comment

Sometimes Hackers Use Hardware

Hackers don’t always try to break into computer systems through the Internet, or by using malicious software (malware) in email attachments. If they can gain physical access to computers, there’s often a simpler way. Several public libraries in the UK … Continue reading

Posted in Information Security | Leave a comment

Stealing Passwords from a Locked iPhone – More Smart Phone Insecurity

Another reminder – as if we needed it – that smart phones and mobile devices are increasingly the targets for hackers. This time, it’s an iPhone issue. German researchers claim to be able to steal passwords stored on a locked … Continue reading

Posted in Information Security | Leave a comment

Medical Identity Theft – Advice from the FTC

The FTC has posted a useful guide to “medical identity theft” for health care providers and insurers. Medical identity theft occurs when someone obtains health care services e.g. treatment, prescription drugs … using the identity of someone else, or when … Continue reading

Posted in Information Security | 1 Comment

HIPAA Happens – A Video from UNLV

Looking for a video to show your staff some of the ways that they might breach the HIPAA Privacy and/or Security rules? Here’s a short (5 minute) YouTube video from UNLV called HIPAA Happens that illustrates some possible scenarios. Send … Continue reading

Posted in Compliance, Information Security | Leave a comment

Security Benefits of Cloud Computing

Cloud computing is filled with buzzwords and, for many people, fear of the unknown. And a lot has been made of the security risks that might result from cloud computing. However, for many organizations (especially small businesses and non-profits), judicious … Continue reading

Posted in Information Security | Leave a comment

Privacy and Security Rules Cover Information – Not Technology

With few exceptions, rules relating to privacy and security such as HIPAA and GLBA (Gramm Leach Bliley) cover the information, and don’t specifically relate to any particular technologies. So, they apply whether you’re using your PC, a fax machine, a … Continue reading

Posted in Compliance, Information Security | Leave a comment

Even If You Expect An Email Attachment, It’s Not Always Safe

The FBI recently issued a warning about malware included in email attachments responding to online job postings. They quote the case of a US business that lost more than $150,000 after an employee opened an attachment that had been sent … Continue reading

Posted in Information Security | Leave a comment

Smart Phone (In)Security

Even if you don’t issue your staff with smart phones, and you prohibit them from storing sensitive data on them, they’re still very likely to use them to exchange emails and to talk about business matters. This short post … Continue reading

Posted in Information Security | Leave a comment

Engaging Your Staff in Security Requires Leadership – Not Free Coffee Mugs

Over the years, I’ve heard a lot about how important it is to ‘engage’ staff in information security, but very little about how to do this in practice. And what little advice I see seems to be limited to providing … Continue reading

Posted in Education | Leave a comment