Information Loss at Antioch University:
Failure to patch a Solaris server caused 60,000 users' records to be exposed at Antioch University, including Social Security numbers: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9075098&intsrc=hm_list
How to secure sensitive information: data loss prevention for sensitive data in corporations and other organizations (ILP, CLP, DLP). It covers personally identifiable information, personal health information, credit card information (PII, PCI, PHI, etc.), and how to protect it. All opinions are mine, and not those of my employer or any other organization. For terms of use, see first posting.
Monday, April 07, 2008
Go skiing, lose your PII: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9074339&intsrc=hm_list Credit card information was stolen as cards were swiped. Maybe it is time to revisit credit cards with a built-in smart card chip? In this instance, 46,000 cards were exposed from the Okemo Mountain Resort ski area in Vermont.
Tuesday, April 01, 2008
PCI compliant, what does that mean?
Does an organization's compliance with PCI mean that credit card information is safe? According to a news article by InformationWeek (http://www.informationweek.com/security/showArticle.jhtml?articleID=206904986), this might not be the case: Hannaford Bros. lost 4.2 million credit and debit card numbers while stating on its website that it is compliant with the industry PCI standard.