Author Archives: Steve Addison

SSL All The Time? Secure Web Application Development

Paul Ducklin at Sophos has published a very nice review article discussing why web applications which use SSL (encrypted) connections for login processing should use SSL throughout the application, and shouldn’t revert to unencrypted connections once the user has been …

Posted in Information Security

Pass IT On – a Great, and Security-Aware, Program

I recently heard about Pass IT On – an initiative designed to help some of the 10 million “digitally excluded” people in the UK get online. The idea is to help people to help their own friends and family get …

Posted in Education | 2 Comments

4 Easy Steps to Outline Your Security Awareness Class

You’ve been asked to prepare a security awareness training session to be presented in a classroom, or a staff meeting, or online as a webinar … and you don’t know where to start. Here’s a simple 4-step process that might …

Posted in Education | 1 Comment

Why You Need a Strong Password for Your Cell Phone

You don’t store any confidential information or account numbers or your Social Security number on your phone – you just use it for calling, text messaging, and sending and receiving emails. You don’t even browse the Internet, and you certainly …

Posted in Information Security

The Duhs of Security – A Free Security Awareness Video

The Commonwealth of Virginia posted a nice security awareness video to YouTube. The video makes good use of humor incorporating impressions of celebrities (Arnold Schwarzenegger, Jack Nicholson …) but it doesn’t distract from the content. You could send out the …

Posted in Education, Information Security

‘Who’s Viewed Me?’ on Facebook

People keep falling for this one, so it’s worth reminding them – there isn’t a way to see who’s viewed your profile on Facebook, and any application that offers to do this for you is a scam. In fact, Facebook …

Posted in Information Security

Copyright in Security Awareness Training Materials

If you’re encouraging best practices, don’t weaken your message by breaking the law. Every now and then, I see a security awareness training presentation that makes extensive use of material from other sources – usually images and/or text copied from …

Posted in Education | 1 Comment

Professor Demoted After Computer Security Breach

The Herald Sun of Durham, NC is reporting that Professor Bonnie Yankaskas, a professor in the Department of Radiology and principal investigator of the Carolina Mammography Registry, has been demoted from full professor to associate professor, and her salary has …

Posted in Information Security

Security Awareness and Social Networks: Why You Should Care, and What You Should Teach

You might have been avoiding it until now – thinking that social networking (Facebook, MySpace, LinkedIn …) is just a passing trend, or it’s only used by teenagers, or people only use it to exchange photos and jokes. But, if …

Posted in Education, Information Security | 2 Comments

Poor Delivery – 5 Reasons Why Security Awareness Training Programs Fail – Part 2

You can have the best content in the world – well-written and illustrated, perfectly aimed at your target audience … – and your program will still fail if the delivery is poor. Whether it’s a boring presentation in the classroom, …

Posted in Education, Information Security | 2 Comments