Home/Privacy Compliance

I am an OPM Data Breach Victim- Next Steps

Nearly six months after the fact, I received a letter from the Office of Personnel Management notifying me that my information had officially been lost in the June 2015 breach. To add insult to injury, I was never actually a federal government employee. A few years ago, I consulted on a few enterprise systems migrations and implementations for The Federal Reserve [...]

By |2020-01-17T21:21:43+00:00November 30th, 2015|Privacy Compliance|0 Comments

Privacy: Do Customers Deserve an Independent Audit Report?

Electronics are becoming a commodity - there's not much profit from selling cell phones or laptops anymore (unless you're apple). So most companies are moving away from investing in hardware as their core business and shifting towards services. Services come in many shapes and sizes, but usually include consulting services, applications, or analyzing and selling customer data. Customer data is where it becomes interesting. [...]

By |2020-01-17T21:21:48+00:00November 23rd, 2015|Privacy Compliance|3 Comments

Data in Transit- Bridging the Gap between Data Owners and Custodians

Ensuring both the integrity and confidentiality of data as it traverses an organization’s internal network and beyond can be complex, especially when attempting to bridge the gap between the Data Owner and Data Custodian, who typically view the organization from very different angles. This presents the IT auditor with a great opportunity to act as the liaison between Data Owners and [...]

The 50 Most Used Passwords!

Last week I helped a few friends with setting up a new website for their business and their associated email accounts for the domain. At one point in the process, one of them told me the password they wanted to use to access the site. Not shockingly, it was something rudimentary and simple. Despite more and more of us being educated [...]

Mobile App Security: User Data Collection and Privacy Concerns

A new study by Carnegie Mellon University finds that many mobile apps collect location data on users almost constantly allowing app creators to track user behavior. This is just one of many data elements mobile phones are collecting on their users raising security concerns for individuals and for the Companies whose employees have smart phones. This presents more questions about how [...]

By |2020-01-17T21:26:29+00:00March 30th, 2015|Privacy Compliance|0 Comments

The Next Big Security Concern: The Internet of things and harvesting your private conversations

Samsung Smart TV Terms and Conditions People often ask what "the next big thing" around IT security will come about next. In years past we've seen the rise of "big data", "the cloud", "cybersecurity", and so on - but what's next? I personally think one of the biggest unsolved problems in tech is the security of the "internet of things". The "internet [...]

By |2020-01-17T21:26:29+00:00March 26th, 2015|Privacy Compliance|0 Comments