nightmare

Congress backtracking on Internet gambling

Thu, 24 Apr 2008 06:59:59 -0400

Some members of Congress, backed by financial institutions, are trying to enact legislation that would stop the Treasury Department from adopting regulations to enforce a federal ban on Internet gambling. The 2006 Unlawful Internet Gambling Enforcement Act calls for criminal and civil penalties for banks, credit card companies and others that process payments to gambling web sites. But the Treasury Department is having a hard time writing the regulations and the banks are balking at having to enforce the law.

The financial institutions claim it would be a nightmare to be forced to use their computerized payment systems to determine which customer activities are legal and which are not and argue they don't want to police the Internet. Legislation backed by Rep. Barney Frank, chairman of the House Committee on Financial Services, would stop the Treasury from writing or implementing regulations to carry out the 2006 law.

For more on this dispute:
- Check out this InformationWeek article

How hard is it to secure your data?

Mon, 17 Dec 2007 06:59:58 -0500

CIOs must protect their systems from outsiders as well as insiders. A recent survey conducted last month by RSA found that one-third of those surveyed had to work around their organization's security policies to get the job done. And that means an added vulnerability to anyone's system. These insiders are just as good as outside hackers in finding data that is not secured or exploiting weak security policies. There are plenty of ways to break through security. One of them is sending email attachments with sensitive documents. Another way is accessing work email at a public computer. It's hard to believe that anyone with a technology background would do this. But don't be surprised because it happens.

The survey found that two thirds of people who were surveyed sometimes leave their workplace carrying a mobile device such as a laptop that holds sensitive information relating to their jobs. Is this a nightmare for a CIO? It sure is. Not only that, eight percent of those surveyed reported that they had lost a mobile device with company information on it. By now, every CIO should have rules of the road in place for their employees. If they don't, does that mean the CIO is derelict, too?

For more on protecting your data:
- See this CIO Magazine Article

College data breach may be worst yet

Sun, 21 May 2006 20:01:35 -0400

The state of IT security at Ohio University has gone from bad to worse in record time. In what has to be every tech leader's nightmare, the university is acknowledging that one of its data servers has been compromised for at least a year--meaning hackers and thieves have had access to valuable and confidential student data, including social security numbers, for the entire time. As one industry analyst exclaimed, it's an "unbelievable" incident and extraordinary that no one realized the security breach was happening for so long.

For more on Ohio University's security woes:
read the article at News.com

Editor's Corner

Thu, 04 May 2006 20:01:40 -0400

Every CIO's nightmare happened to the Idaho Power Company last week when it discovered that old disk drives hadn't been thoroughly cleaned before being tossed. With nearly 500,000 customers, and lots of data stored on drives, you can only imagine the panic and heart palpitations that took place when the mistake was revealed. As an article over at Computerworld relates, the company had decided to recycle a couple of hundred drives to a vendor, which then sold them to third parties. So far 86 have been recovered--which means there are still too many drives out there with confidential information. Not only is the company worried about the impact this will have on customer loyalty, as well as potential damage resulting from the breach, there are those pesky compliance rules that obviously come into play. - Judy

Honesty, openness can limit data breach damage

Tue, 25 Apr 2006 20:01:38 -0400

No enterprise wants to admit that its confidential stores of information have been compromised or illegally accessed by online criminals. But as one company has learned, being open about the incident is the best course of action to take. After Lexis Nexis' data reserves were breached, with thousands of customer files illegally accessed, the company says being honest and quickly notifying customers was key to keeping the damage level low. It also learned some good lessons about what kind of security efforts work and which ones don't. For example, if you're relying on passwords, you're bound for trouble, say the company's leaders. Two-factor authentication is a good start, but automated technologies to detect suspicious online activity is even better.

For more on avoiding the data breach nightmare:
- read this article at Computerworld

ALSO NOTED: Vista's encryption could be law enforcement nightmare; Friday next court date for BlackBerry patent battle; and muc

Mon, 20 Feb 2006 19:00:50 -0500

> Vista's encryption could be a law enforcement nightmare. Article

> Friday is next court date for BlackBerry patent battle. Article

> How virtualization can help boost better system efficiency. Article

> SOX rules could be eased for small and midsized businesses. Article

> Linux is Symbian's big competitor in mobile system development. Article

> Why behavioral biometrics is seen as a good security tool for e-commerce. Article

> Why the big guns are grabbing open-source startups more and more. Article

And Finally... The benefit of tapping your inner artistic freak. Column