Access Control

New security standards for mobile payments coming

Angela Moscaritolo June 18, 2009

A financial services technology group is developing standards for making secure mobile payment transactions.
 

Identity theft ring busted in New York

Chuck Miller May 28, 2009

Using financial information purchased from crooked bank insiders, a ring of thieves stole millions of dollars.
 

Process over trust: Will we ever learn?

Jeff Nielsen, director of development and quality assurance, Symark International May 27, 2009

To give businesses greater confidence in privilege management, we must define, implement, monitor and enforce processes for delegating administrative access.
 

Octomom's hospital fined

Angela Moscaritolo May 15, 2009

California health officials have fined Kaiser Permanente Hospital $250,000 after hospital employees illegally accessed medical records for octuplet mother Nadya Suleman. Hospital spokesman Jim Anderson told the Associated Press the state found that the hospital did not do enough to prevent the privacy breach. The hospital did, however, warn workers to stay away from Suleman's files. — AM
 

Cloud computing providers require strong audits

Angela Moscaritolo May 11, 2009

Companies must develop better ways of evaluating the security and privacy practices of the cloud services they utilize, according to a report by Forrester released Friday.
 

Mass. police snooped on celebrities' records

Angela Moscaritolo May 06, 2009

Massachusetts law enforcement personnel tapped into the state criminal records database and inappropriately viewed the personal records of celebrities on dozens of occasions, according to a state audit released Tuesday.
 

Hackers seek payment after break-in on state health care site

Dan Kaplan May 05, 2009

Security experts remain puzzled how hackers orchestrated their compromise of a Virginia state health care website.
 

Former IT head admits guilt

Dan Kaplan May 01, 2009

The former IT director at the Houston-based LifeGift Organ Donation Center has pleaded guilty to charges she illegally accessed the organization's network to delete data, according to a U.S. Department of Justice news release on Thursday. Danielle Duann, 51, remotely accessed the network from her home, two days after she was fired in November 2005. She deleted a number of files, applications and backups related to LifeGift's organ and tissue procurement operation, causing $94,200 in damage. She is scheduled to be sentenced in July and faces up to 10 years in prison. — DK
 

PCI expands security testing

Chuck Miller April 24, 2009

The PCI Security Standards Council has expanded its PIN entry device security requirements program to two new types of devices: Unattended payment terminals (such as ticket kiosks) and hardware security modules (used for card personalization and PIN translation). The devices can now be rigorously tested for approval by the Council's labs to ensure compliance with PCI Standards, according to a statement. — CAM
 

Tenn. welfare worker charged

Angela Moscaritolo April 07, 2009

A former child support services worker in Tennessee was arrested after selling the personal information of approximately 1,600 people to an undercover state crime investigator. Steven Gilmore, 27, of Nashville, worked for Policy Studies, a private company that operates child support programs, where he had access to personal data. A federal criminal complaint alleges that on three occasions Gilmore sold a total of 35 names, birth dates, and Social Security numbers, according to a news release from the Tennessee Bureau of Investigation. — AM
 

Inside threat: The power of privilege

Adam Bosnian, Cyber-Ark Software April 06, 2009

Identifying your greatest risks and threats is the first step in safeguarding your organization.
 

Octomom's hospital records accessed, 15 workers fired

Angela Moscaritolo March 31, 2009

Kaiser Permanente Bellflower Medical Center recently fired 15 hospital workers for accessing the medical records of octuplet mother Nadya Suleman without permission.
 

Convenience or security?

Dan Kaplan February 24, 2009

Consumers would prefer to use the same one or two passwords for all websites they access and have little interest in using password management solutions or adopting a federated identity framework, such as OpenID, according to a survey released Tuesday from Gartner. Four thousand U.S. adults polled in September said they are unwilling to sacrifice convenience for security, consistent with previous findings. As a result, site owners must provide a "compelling justification" for customers to use additional security, according to Gartner. — DK
 

SF admin: My security job

Chuck Miller February 18, 2009

Rogue San Francisco network administrator Terry Childs claims he was just acting in accordance with job requirements by refusing to divulge passwords for the city's FiberWAN network last summer. According to recent court filings, he resisted a "surprise request to disclose the passwords" at a stressful meeting with his boss and police officials, maintaining that no one present "was qualified to have the passwords." Childs faces seven years in prison. — CAM
 

Trustwave acquires NAC vendor Mirage Networks

Angela Moscaritolo February 17, 2009

Managed security vendor Trustwave will add network access control (NAC) technology to its suite of solutions with its acquisition of Mirage Networks, the company announced Tuesday.
 

Don't blame the employees for peeping: Organizations are at fault for poor access governance

Brian Cleary, vice president of products and marketing, Aveksa February 09, 2009

Some employees are taking advantage of access policy gaps without realizing they are breaking privacy laws.
 

Removing admin rights can stem Microsoft exploits

Angela Moscaritolo February 05, 2009

Eliminating administrator rights -- the default setting on most Windows machines -- can stop the spread of malware, a new study has found.
 

To Facebook or not to Facebook?

Angela Moscaritolo February 03, 2009

More than half the respondents of a recent poll said their organization does not have a policy on using Facebook.
 

Annual study reveals cost of a data breach keeps climbing

Dan Kaplan February 02, 2009

The cost of a data breach rose to a new record in 2008, according to the fourth annual Ponemon Institute study.
 

Stimulus bill includes protection for digital health care records

Dan Kaplan January 30, 2009

The $818 billion economic stimulus bill that the U.S. House passed this week includes security and privacy controls regulating the digitization of patient health records.
 

British hacker can stay home

Chuck Miller January 20, 2009

The British hacker who caused some $800,000 worth of damage to U.S. government computers will not be coming to America soon.
 

NIST releases draft guidelines for data protection

Angela Moscaritolo January 15, 2009

NIST this month released draft recommendations that federal agencies -- and their contractors -- should follow to protect the confidentiality of personally identifiable information.
 

Muslim hackers attack Israeli websites as Gaza strikes continue

Dan Kaplan December 31, 2008

Muslim extremists are targeting Israeli websites, as the conflict in the Gaza Strip rages on, with no end in sight.
 

State Department snoop sentenced

Greg Masters December 23, 2008

A former employee of the U.S. Department of State was sentenced for unauthorized access to a database containing passport applicants' confidential information.
 

Survey: Collaboration applications inadequately secured

Angela Moscaritolo December 18, 2008

A gap in security exists for applications that help enable collaboration among employees, such as intranet portals and content management systems, a recent study found.
 

Trial of accused Palin email hacker delayed until spring

Dan Kaplan November 25, 2008

The student charged with accessing former vice presidential candidate Sarah Palin's email will go to trial in April.
 

$1 million reward for arrest of cyberextortionists

Dan Kaplan November 12, 2008

A pharmacy benefits firm offers $1 million for information leading to the conviction of a band of data thief extortionists.
 

Microsoft doles out two patches for four flaws

Dan Kaplan November 11, 2008

Microsoft on Tuesday shipped two patches to shore up four vulnerabilities.
 

No fear factor: How to make role management work for the enterprise

Deepak Taneja, founder, president and CTO of Aveksa November 03, 2008

There are three key objectives to keep in mind for determining the success of any roles-based access and identity management initiative, says Deepak Taneja.
 

Companies have security to consider with in-the-cloud Office

Angela Moscaritolo October 29, 2008

Security professionals weigh in on concerns of the next version of Microsoft Office, which will include components available in the cloud.