It’s been a while since the NYS Comptroller’s Office has released any school district audits on information technology, but they’ve released one this week on Haldane Central School District. They summarize the findings of their audit, which covered the period July 1, 2014 — August 19, 2015 this way: We also found that the District…
Category: Commentaries and Analyses
The Data Breach You Haven’t Heard About: Hurd
Rep. Will Hurd writes that Congress and officials still don’t have answers about the discovery in December by software developer Juniper Networks of a backdoor in its ScreenOS software that could have allowed foreign entities to decrypt and read government communications. The backdoor is thought to have been inserted in 2013. And while the OPM breach…
Confidentiality language may not throw you into the breach!
Lisa A. Carroll, Martin B. Robins, David G. Kern and James M. Fisher II of Fisher Broyles write: A recent 11th Circuit case may – if followed elsewhere and not reversed by the US Supreme Court – reduce a company’s potential exposure under conventional contract language requiring sensitive materials to be held in confidence. Many…
Amazon accused of handing out its users’ personal data
Daniel Cooper reports: Eric Springer is not happy, mostly because he believes that Amazon let a nefarious type get at his account. In a blog over at Medium, Springer revealed that he was the victim of a “social engineering” hack that exposed his details to an unnamed third party. With just a rough idea of Springer’s…
John Matherly on Check Point Blacklisting Shodan
In today’s installment of “let’s hide our security failures from search engines,” Check Point is reportedly advising its clients to ban Shodan.io search engine from indexing their sites. Read more on Softpedia. It’s somewhat reassuring to think that many of the same firms who failed to adequately secure their databases will likely neither read nor act…
Employee Data More Exposed Than Customer Data: Study
Kelly Jackson Higgins reports: Midsized companies do a better job protecting their customer information than that of their own employees or their internal intellectual property, a new study found. Nearly one-third of companies and organizations with 100- to 2,000 employees in the US, Canada, India, Australia, Japan, and Malaysia, say they don’t regularly encrypt their…