Blog Posts Tagged with "Employees"
Observations on Lack of Research in Social Engineering
April 19, 2012 Added by:Bozidar Spirovski
The attack was performed by multiple phone calls which created contact with multiple targets. Each call was a probing attempt to collect as much information possible. The first and second stage of the attack was aimed at the same targets but with several days delay between stages...
Comments (0)
Ten Ways to Handle Insider Threats
April 18, 2012 Added by:Brent Huston
Tough economic times make it tempting for an employee to switch his white hat to a black one for financial gain. Insider threats also include contractors, auditors, and anyone who has authorized access to systems. How can you minimize the risk? Here are a few tips...
Comments (1)
Social Media Security Tips for Small Business
April 18, 2012 Added by:Robert Siciliano
Many companies restrict internal access to social media. Others prevent employees from discussing or mentioning the company in social media during private time. Follow these social media security tips for small business to prevent security issues...
Comments (3)
Four Tips for Teaching Your Staff About Social Engineering
April 11, 2012 Added by:Brent Huston
Social engineering, the process of obtaining confidential information through tricking people to do things they should not do; is on the rise. So how can you help your staff recognize social engineering before it’s too late? Here are a few tips...
Comments (0)
Six Good Reasons Not to Ask for Social Media Passwords
April 05, 2012 Added by:Rebecca Herold
There have been a barrage of stories recently about organizations asking applicants and employees for their Facebook, Twitter, LinkedIn and other social networking passwords. Compelled password disclosure is a very bad idea for organizations to do for many reasons...
Comments (0)
Barbara Tuchman and Compliance Programs
April 04, 2012 Added by:Thomas Fox
Compliance professionals are continually try to get the message out at corporations. Here is some wisdom that Tuchman advocated and how it might help the compliance professional convey the essence of doing business in compliance across a corporation...
Comments (0)
Do You Need a Formal Policy for Managing Mobile Devices?
March 28, 2012 Added by:Kyle Lagunas
Security risks associated with BYOD policies continue to intimidate some - one respondent said he is “scared to death of security vulnerabilities” - but what would do more to minimize risks than to adopt an official policy?
Comments (0)
Nearly Five Percent of All Smartphones Lost Every Year
March 20, 2012 Added by:Robert Siciliano
Based on the costly consequences of lost data assets, it makes sense to allocate the necessary resources to invest in anti-theft and data protection solutions in order to secure smartphones and the sensitive and confidential information they contain...
Comments (0)
Roundtable: Opportunities for HR in Consumerization of IT
March 15, 2012 Added by:Kyle Lagunas
Providing access to all sorts of internal systems for both employees and managers can make for a more adaptable organization regardless of size. IT has struggled with this loss of gatekeeper control, but the sound fiscal results are changing the minds of the C-suite...
Comments (0)
NLRB Issued Second Report on Social Media Enforcement
February 17, 2012 Added by:David Navetta
As we have previously noted in prior posts about the NLRB’s social media enforcement actions, employers should carefully review and adjust their social media policies and practices in light of the NLRB’s guidance and enforcement...
Comments (0)
Creating Sustainable Compliance Performance
February 16, 2012 Added by:Thomas Fox
Thriving employees - who are not only “satisfied and productive but also engaged in creating the future” for their organization - out produce non-thriving employees. These concepts matter within the context of promoting a culture of compliance within your organization...
Comments (0)
Enterprise Security and the Battle Over Productivity
February 11, 2012 Added by:Rafal Los
The trick is, when security can't clearly and absolutely get definition on what employees should and shouldn't be allowed to do, they have to implement the law of least privilege overly aggressively and then things get slow, tedious, and everyone complains about security...
Comments (0)
Compliance Due Diligence Checks: Reference Interviews
February 10, 2012 Added by:Thomas Fox
Compliance evaluation is becoming a more common component of the employee selection and hiring process. Many companies now specifically include due diligence in compliance parlance when hiring senior managers or others who will hold high levels of authority...
Comments (0)
Managing Employee's Expectation of Privacy
February 02, 2012 Added by:Suzanne Widup
FDA whistleblowers allege their emails were monitored once they told Congress the agency was approving risky medical devices, violating their Constitutional rights. The FDA said that employees are warned they may be monitored, and should not have an expectation of privacy...
Comments (1)
Legal Implications of Social Networking Part 3: Data Security
January 31, 2012 Added by:David Navetta
Technology exists for monitoring and tracking of social media usage by employees. Ultimately however, like social media itself, it comes down to people - risk can only be addressed appropriately if the individuals using social media are equipped to identify and mitigate against it...
Comments (0)
Social Engineering: Don't Talk to Strangers
January 29, 2012 Added by:Jim Palazzolo
Policy development must be constructed around conversations that will take place during an attack, and reinforced after the policy has been deployed. Re-training of individuals on security awareness will help to decrease the amount of risk involved in day-to-day operations...
Comments (0)
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!