Application Control – Whitelists for Controlling Malware.

There is news that security vendors are beginning to rethink their philosophy on how to protect computers.  The current practice is for security vendors to create blacklists of software that is not allowed to run on a computer.  This protects computer users from the installation of malicious software.  The problem with such a strategy is […] read more

Who Protects Those Who Police Us? Law Enforcement Needs File Encryption In More Ways Than Expected.

The need for data protection might be highest for those who protect us.  I recently read an article concerning an accident that happened in York, England.  A spreadsheet containing the personal information of police constables and deputy constables was posted to the York county’s website.  Among the information listed were Social Security numbers and home […] read more

A Different Take On The Consequence Of Ineffective Data Security – Employees Sue, Too.

Some of you might remember a case from almost 2 years ago where unencrypted computer disks and tapes containing the information of patients, close to 350,000 of them, was stolen from the backseat of a car.  Well, it looks like the saga continues.  The IT worker who blew the whistle on this particular data breach […] read more

Application Control Is An Effective Method To Stem Malware For Endpoint Security.

There is news today that Germany’s Federal Crime Office has busted a gang of phishing scammers.   The gang has been under surveillance for about 18 months, and the arrests have been in several German cities.  The gang was actually composed of people from Germany, Russia, and the Ukraine.  Unlike the initial phishing techniques used […] read more

The Dark Continent Suffers from Cyberattacks, Just Like Any Other Country. Why They Need Data Encrytion.

Here’s a new twist on an old problem.  Many of us associate phishing scams coming from some part of Africa.  This is in no small part due to all the spam e-mails that, if we were to allow them to introduce themselves, we certainly would end up assisting them financially, for we might end up […] read more

Device Encryption Is Optional Under HIPAA – Until Something Gets Stolen.

It is a glorious evening in Boston, and I see here in the news that McKesson, a pharmaceuticals distributor in the United States, had two computers stolen on July 18.  The computers had confidential patient data in them.  While this was reported earlier this morning on Fox news, it looks like it is hitting the […] read more

Monstrous Breach is a Sign of Things to Come in the Workplace without Endpoint Security.

Monster.com was hacked sometime ago and 1.3 million people were affected.  For the most part, it looks like the information that was stolen was largely relegated to names, addresses, phone numbers, and e-mail addresses.  What does a criminal do with information such as this?  After all, there is no mention of credit card numbers or […] read more

Third Data Breach At Pharmaceutical Company Shows The Importance of Endpoint Security – An Update.

Well, it looks like some of the things I said might happen, due to the Pfizer security breach, materialized in short order.  According to this article in theday.com, a Connecticut publication, there has been a lot of activity at Pfizer World, Pfizer’s secure intranet.  Based on this article, the security breach was discovered in July […] read more

Government Agency Uses More Laptops, Requires Mobile Data Protection.

A Department of Revenue Services (DRS) laptop computer containing the information of 106,000 Connecticut taxpayers was stolen.  One might wonder, why was taxpayer information stored on a portable computer?  My assumption is that most taxpayers would want sensitive information to be sequestered in a building, behind guards, the computer bolted onto the desk itself.  Well, […] read more

Third Data Breach At Pharmaceutical Company Shows The Importance of Endpoint Security.

Pfizer announced this week that there was serious security breach resulting in the loss of personal data affecting current employees as well as former ones.  It’s the third security breach in as many months.  In June, Pfizer exposed employees’ personal information via P2P filesharing.  About three weeks ago, consultants working for the company had their […] read more