Search:

Blog Posts Tagged with "Third Party"

Af9c34417f8e5e0d240850bb353b5d40

I Hope Edo is Worth the Privacy Risk

May 16, 2012 Added by:Keith Mendoza

About a week ago, I read about this new daily deal service called edo that ties to your bank account, and the first thing that came to my mind is “uh oh, another attack vector into my bank info”. Here are a list of features that are those potential attack vectors...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Where Will the Buck Stop in Cloud Security?

May 16, 2012 Added by:Jayson Wylie

I don’t want to see the main outcome of security and data breaches become lengthy litigation. If cloud security boils down to he who has the best law team, the direction of security will have an approach of least exposure to litigation versus Cyber threats. This does not settle with me as a valid security driver for improving security posture...

Comments  (0)

21d6c9b1539821f5afbd3d8ce5d96380

FedRAMP Releases Updated Security Assessment Templates

May 11, 2012 Added by:Kevin L. Jackson

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and monitoring for Cloud Service Providers. This document has been designed for Third-Party Independent Assessors to use for planning security testing of CSPs...

Comments  (0)

16443e0c6f6e4a400fd0164b3c406170

Four Steps to Follow when Your Credit Card is Compromised

April 24, 2012 Added by:Christopher Burgess

Certification of compliance demonstrates that at that given point of time the entity was in adherence to the PCI standards. The threat landscape is dynamic and ever changing requiring those entrusted with our data to take steps beyond compliance to protect that data...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

The Security Poverty Line and Junk Food

April 17, 2012 Added by:Wendy Nather

Organizations below the security poverty line tend to be inordinately dependent on third parties and have less direct control over the security of the systems they use. They end up ceding risk decisions to third parties that they ideally should be making themselves...

Comments  (2)

7ddc1f3000a13e4dfec28074e9e7b658

Megaupload Goes to Court: A Primer

April 11, 2012 Added by:Electronic Frontier Foundation

Does the government have a responsibility to protect innocent third parties from collateral damage when it seizes their property in the course of prosecuting alleged copyright infringement? That is the question a federal district court will consider...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Financial Institutions – Your Time is Coming

April 04, 2012 Added by:PCI Guru

Most financial institutions purchase their software applications from third party development firms. With all of the regulatory changes going on in the financial institution industry, these software firms have been focused on those regulatory changes and not PCI compliance...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

FTC to Link Do-Not-Track and Big Data Concerns

April 03, 2012 Added by:David Navetta

The FTC sees a greater threat to consumers in third-party data collection because of lack of notice, choice and transparency in the practices of data collectors. But the challenge is understanding where to draw the line between “first party” and “third party” practices...

Comments  (0)

1de705dde1cf97450678321cd77853d9

The Role of Penetration Testing in the Infosec Strategy

March 26, 2012 Added by:Ian Tibble

For all intents and purposes, penetration testing had become such a low quality affair that clients stopped paying for it unless they were driven by regulations to perform periodic tests of their perimeter "by an independent third party"...

Comments  (2)

68b48711426f3b082ab24e5746a66b36

Application Security: Why is Everybody Always Picking on Me?

March 19, 2012 Added by:Fergal Glynn

The recent explosion in Mobile application development paints a clear picture of the modern development landscape. Not only in terms of the incredible speed of production, but perhaps more importantly, the widening gap between speed-to-market and software security quality...

Comments  (0)

0f57a863af3b7e5bf59a94319a408ff7

A Structured Approach to Handling External Connections

February 28, 2012 Added by:Enno Rey

The approach to be developed is meant to work on the basis of several types of remote connections in which each determines associated security controls and other parameters. At the first glance, not overly complicated, but – as always – the devil is in the details...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

The Security Impact of Putting it in the Cloud

February 20, 2012 Added by:Robb Reck

nd. Information security must not be the roadblock that prevents the adoption of such technology. By thinking ahead about the kinds of risks that outsourcing our systems will involve, we can be ready to quickly and securely lead our organization into the cloud...

Comments  (3)

68b48711426f3b082ab24e5746a66b36

Application Software and Security: A Tale of Two Market Sizes

February 20, 2012 Added by:Fergal Glynn

We spend 0.3% of what we pay for software on ensuring that it is secure. Now you can argue that manual testing is not included. However, even when you account for this variance, the gap in what we spend to buy software and what we spend to secure it is huge...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Department of Justice Misdirection on Cloud Computing

February 08, 2012 Added by:Electronic Frontier Foundation

The DOJ has been unequivocal that cloud users have no right to challenge government access to "non-content" information held by Cloud systems - their location, their contacts, their communications patterns and more. Lawyers call this the "third party problem"...

Comments  (0)

7d35335f47d5d82b093aeee47a5b0a64

Symantec: What Went Wrong?

January 19, 2012 Added by:Bill Mathews

Where the rubber meets the road: I am a firm believer that security systems should be able to hold up to open scrutiny but often I’m alone in that. If this code leak really makes Symantec’s software useless for securing systems I would contend they’re doing it wrong...

Comments  (4)

5e402abc3fedaf8927900f014ccc031f

Avoid Cracks in Your Website's Security Armor

January 09, 2012 Added by:Allan Pratt, MBA

I have heard from several colleagues that their blogs have been compromised. While a security breach may be inevitable – heck, branches of the Federal Government and national financial institutions have been hacked – there are steps you can take to protect the valuable data...

Comments  (0)

Page « < 1 - 2 - 3 > »
Most Liked


Latest Member Comments

"This book is a valuable resource for all things least privilege. As one of only a few Microsoft MVPs that talk about privilege manageme..."

Implementing Least Privilege... Derek Melber on 05-16-2012

"Great writing - Asking Techies and business to play in the same sandbox is, has and always will be behaviors difficult to adjust to. Ho..."

Who Are You Preaching to Anyway?... Sal Tuzzo on 05-16-2012

"Another poor, brainwashed drone spouts the official cokehead Breitbart propaganda line. There were only TWO rapes associated with Oc..."

Don't Be Naïve about Anonymous or the Occup... Willx Willx on 05-16-2012

"American's police use the warrantless cell phone tracking and the administration leaked out this information. cell phone spy"

Warrantless Cell Phone Tracking, Drones, and... alva berto on 05-16-2012
Latest Posts
Latest Survey Results
2011 will be most likely be remembered for:
results