Thursday 25 June 2009

FaberBrent's groundbreaking solicitors CPD infosec course gets glowing approval from the SRA

Not wanting to blow our own trumpet but we are delighted to go live with our new CPD course for solicitors.

"Holistic Information Security - Understanding the Threat, UK/EU Law and Practical Steps for Risk Reduction" is a 90-minute course providing practical, real-world information security advice and an update on EU/UK data law.

Shock horror - SpyPhone software exposed

We are always flattered when something we have been publicising makes an appearance, and now spyphone software has reached the attention of Homeland Security.

Shame they didn't see fit to tell you how to identify and avoid it (as we do).

Understanding insider risk

A good article detailing the difference between insider threat and risk. We are all human and often the single biggest risk to information security is biological, not electronic. A holistic approach to your security policy will help minimise these variables.

20% of IT professionals admit to cheating on security audit figures

If 20% admit to this, what is the real figure?

Parcelforce website reveals customer data

Customer names and addresses were exposed online due to a Parcelforce system error. The extent of the exposure is not known.

56% of employees frequently see confidential documents on office printers

A survey by Samsung of 4,500 European office workers has shown over 50% frequently access confidential documents not intended for them.

This is not an IT or access failure but simply people not taking care of documents and printers. An effective security policy must be holistic; it is not enough to just control hardware.

Shock horror - wireless keyboards are a security risk

A presentation has been released detailing how to intercept data from some Microsoft wireless keyboards.

We are a little surprised that anyone with security concerns would ever have considered a wireless keyboard!

LSE are critical of Home Office Internet surveillance proposal

The London School of Economics have claimed that the Home Office proposal for Internet interception won't work, is too expensive and has poor safeguards.

Majority of Employees admit to breaking infosec rules

A new survey has shown that 69% of employees are happy to break security policy.

There are two pillars to successful policy observation: education for all and systemic controls wherever possible (of course the rules and procedures have to fit with your business practice).

For help creating an effective security culture contact FaberBrent.

IT pros almost as bad as general public when it comes to mobile passwords

I find the findings of this survey unacceptable but in some ways predictable.

The reality is that IT professionals rarely have a security mindset; this is not to be confused with configuring IT security systems. A long-serving military man I spoke to recently, who has recently joined a major defence contractor, has found the lack of a real security culture shocking.

Do not rely on your IT professionals to have a true security mindset; employ specialist external auditors for genuine peace of mind.

Be sure to activate PIN codes on both your phone and voice-mail. This is a basic security requirement and not a chore once you are in the habit.