Come Join the Discussion
Add your comments to any of these postings or comments
Tuesday, November 12, 2013
Quick Tips for Handling and Securing your Laptop
Treat your laptop like cash!
Do not leave your laptop in your
car.
Don’t allow your laptop or
anything of value to be visible from outside of your car. If you have to leave
a laptop in a vehicle, put
it in the trunk before you depart, not when you arrive at your destination,
thus avoiding anyone seeing a laptop in an unattended vehicle. Never store a
laptop in the trunk over night or over the weekend.
Do not allow anyone
else to use your laptop
Don’t allow your laptop or anything of value to be visible from
outside of your car. If you have to leave a laptop in a vehicle, put it
in the trunk before you depart, not when you arrive at your destination, thus
avoiding anyone seeing a laptop in an unattended vehicle. Never store a laptop
in the trunk over night or over the weekend.
Ensure that your laptop has been encrypted
All laptops should be encrypted, as they are too easy to loose or be stolen, and it is too easy to forget what you may have stored on them. Something could be confidential.
Record the make, model and serial number
of your laptop and keep it in a separate location. Have a luggage tag on your laptop case, labeled with your contact information.
Secure
your laptop when in the
office
Secure your laptop
by locking it in a docking station, if available. You can also use a security
cable, a locked office or locked cabinet. Do not set the laptop on the desk and then walk
away with it unsecured.
Keep it off the floor
No matter where you are in public – at a conference, a
coffee shop, or a registration desk – avoid putting your laptop on the floor.
If you must put it down, place it between your feet or at least up against your
leg, so that you’re aware of it. Laptops on the floor can easily get stepped
on, kicked, and stolen
Do not store
your password with your laptop
Be very careful while travelling with a
laptop
You should secure your laptop with a strong password, but don’t keep the password in the laptop
case or on a piece of paper stuck to the laptop.
Studies have
shown approximately 12,000 laptops per week are lost or misplaced in US
Airports!
Consider non-traditional bags
for carrying your laptop
When you take your laptop on the road, carrying
it in a computer case
may advertise what’s inside. Consider
using a suitcase, a padded
briefcase or a backpack instead.
Do not store your laptop in checked luggage.
Never store your laptop in checked
luggage. Always carry
it with you.
Be vigilant in hotels
If you stay in
hotels, a security cable may not be enough. Try not to leave your laptop out in
your room. Rather, use the safe in your room if there is one. If you’re using a
security cable to lock down your laptop, consider hanging the “do not disturb”
sign on your door.
Keep
track of your laptop
when you go through airport screening
Hold onto your laptop until the person in front
of you has gone through
the metal detector. Watch for your laptop to emerge
from the TSA scanners.
Backup your files
Wednesday, April 17, 2013
Very mixed day: Obama Notifies of Intent to Veto CISPA, but Gun Control Dies
The suspense is over as Obama actually stands tall again, in defense of Americans' privacy. No get out of jail free card for the corporations who want to share private data. Back to the drawing board for Congress. Can they ever get it right? We all know what is needed, but Congress is just too busy trying to manage all that lobbyist money. It's a lot to keep track of! I applaud the efforts of the ACLU in keeping the pressure on Obama; he actually used some of their language in his statements.
However, what is the deal with this lack of responsible gun control? We're not talking about taking guns away from anyone, except possibly those who are so screwed up as to fail a reasonable background check. Now, wouldn't we want this to occur? This one has the major support of the majority of Americans, but the NRA is way out of bounds here. It's almost too absurd and blatant to believe. I don't need to hear another person screaming "guns don't kill people, people do"! Some people should not have the guns that kill people.
However, what is the deal with this lack of responsible gun control? We're not talking about taking guns away from anyone, except possibly those who are so screwed up as to fail a reasonable background check. Now, wouldn't we want this to occur? This one has the major support of the majority of Americans, but the NRA is way out of bounds here. It's almost too absurd and blatant to believe. I don't need to hear another person screaming "guns don't kill people, people do"! Some people should not have the guns that kill people.
Healthcare HITECH Privacy and Security Summit, May 21 at the Universal City Hilton
HIMSS (Healthcare Information and
Management Systems Society) Southern California
has partnered with ISSA-LA (Information Systems Security Association Los
Angeles) to present the Healthcare
HITECH Privacy and Security Summit, May 21 at the Universal City
Hilton.
This event will bring
together leaders in Privacy and Security within government and private industry
for a day of collaboration, networking and presentations by leading Privacy and
Security professionals. You will learn from experts what you need to know to
comply with new HITECH rules and OCR investigations.
Keynote Speaker
Howard
Schmidt
White House Cybersecurity
Coordinator, Retired
Special
Advisor to President Obama
“The Summit is packed with an All-Star cast
of speakers, who will share their knowledge and experience to help prepare
covered entities and business associates to meet the September 23, 2013
Compliance Deadline of the final omnibus rule”, according to Richard Greenberg,
ISSA Fellow, Los Angeles Board member, and Information Security Officer for Los
Angeles County Public Health. The U.S. Department of Health and Human Services
(HHS) published the rule, which modifies the privacy and security,
breach notification, and enforcement regulations now a part of the Health
Insurance Portability and Accountability Act of 1996 (HIPAA).
“You’ll hear directly from a wide variety of
professionals, including Yun-kyung (Peggy) Lee of the U.S.
Department of Health and Human Services, Office of Civil Rights, who will
prepare attendees in case of an OCR investigation”, continued Mr. Greenberg.
“We have attorneys, CISOs, a Privacy Officer, and other experts who will engage
with attendees as part of panels on BYOD and Business Associates, and during
the Roundtable Luncheon.”
According to the Open Security Foundation's
DataLossDB, which tracks the loss, theft, or exposure of personally
identifiable information, out of the 1,520 total incidents reported last year,
327 occurred in the medical industry, making it the most widely breached
industry in the United States. Healthcare has been one of China’s priorities in
its 15-year science and technology development strategy for 2006 to 2020, and
has resulted in a surge in campaigns against Healthcare firms.
The Summit provides an excellent opportunity
to learn how your peers are handling important privacy and security issues
arising from HITECH, such as data breaches, compliance, and mobile device
security. The Summit provides a collaborative environment where attendees and
speakers can network, share experiences, and learn from one another.
The Summit will be held on Tuesday, May 21,
2013 from 7:30 am to 6:30 pm at the Universal City Hilton.
ISSA-LA is the premier catalyst and
information source in Los Angeles for improving the practice of information
security. The Chapter provides educational programs for information security
and IT professionals. The Chapter conducts outreach programs to businesses,
financial institutions, nonprofits, governmental agencies, and consumers. ISSA-LA
is the founding Chapter of the Information Systems Security Association, an
international not-for-profit association of information security professionals
and practitioners.
For more information or to register for the
Healthcare HITECH Privacy and Security Summit, please visit: http://www.issala.org/summit/healthcare-hitech-privacy-and-security-summit/
The agenda can be viewed here:
http://www.issala.org/wp-content/uploads/2013/04/Healthcare-Summit-Schedule-7.2.pdf
Who Should Attend
• Privacy Professionals
• Security Professionals
• Risk Management Professionals
• Clinicians
• Hospitals and other Healthcare Providers
• Health Plan Professionals
• Employers and Healthcare Purchasers
• State, Regional and Community-Based Health Information
Organizations
• Public Health Officials
• Pharmaceutical, Biotechnology and Medical Device Manufacturers
• Healthcare IT Consultants, Suppliers and Vendors
• State and Federal Policy Makers
• Health Services Researchers
• Academics
• Chief Executive Officers
• Chief Operating Officers
• Chief Technology Officers
• Chief Financial Officers
• Compliance Officers
• Health Law Attorneys
• Medical Directors
• Physicians
• Managed Care Professionals
• Medical Group Managers
• Data Managers
• Ethics Officers
• Health Insurance Executives
• Consultants
• Government Agency Employees
• Health Administration Faculty
Thursday, January 31, 2013
The Los Angeles Chapter of the Information Systems Security Association (ISSA-LA) invites you to partner with us at our Fifth Annual Information Security Summit, “The Growing Cyber Threat: Protect Your Business!” The Summit is the premier Information Security event in Southern California. Last year we drew 500 people, and our goal for this year is 700.
The Summit offers information systems and information security vendors a very high-value marketing opportunity. By taking advantage of Summit and meeting sponsorships, your products and services get associated in the marketplace with ISSA-LA’s leadership; this enhances the market’s perception of you as an industry leader in the 18th largest economy in the world — Los Angeles County.
We have many different sponsorship levels designed for every type of budget, including a set of premier sponsorships that include the full Summit attendee list. The top level sponsorships also bring with them an opportunity to address the full audience.
To register to be a Summit V Sponsor, please visit our Registration Page:
For more information about the Summit, including speakers, please visit our Summit website:
For more information about sponsorship, please visit:
OR
Contact our Vendor Director, Richard Greenberg, at:
We hope to see you there!
Friday, January 25, 2013
Government in bed with Communications Corporations
It is now illegal for wireless customers to purchase and unlock their cell phones! We know that George Orwell's and Aldus Huxley's visions of the future have unfortunately come to pass, but this is getting ridiculous and outrageous. http://tinyurl.com/ahpzo67
Wednesday, January 23, 2013
Tuesday, January 22, 2013
OWASP Monthly Meeting - January 23, 2013
- 900 Corporate Pointe , Culver City, CAowaspla.org
- Top Ten Web Defenses
We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Website developers must learn to code in a secure fashion to have any chance of providing organizations with proper defenses in the current threat-scape. The session will provide specific tips and guidelines to make website code both low risk and less vulnerable.- Bio: Jim Manico
Jim is the VP of Security Architecture for WhiteHat Security. Jim is also the host of the OWASP Podcast Series, is the committee chair of the OWASP Connections Committee, is the project manager of the OWASP Cheatsheet series, and is a significant contributor to several additional OWASP projects. Jim provides secure coding and developer awareness training for WhiteHat Security using his 8+ years of experience delivering developer-training courses for SANS, Aspect Security and others. He brings 16 years of database-driven Web software development and analysis experience to WhiteHat and OWASP as well. Jim works on the beautiful island of Kauai, Hawaii where he lives with his wife Tracey.- Sponsor: WhiteHat Security
Founded in 2001 and headquartered in Santa Clara, California, WhiteHat Security provides end-to-end solutions for Web security. The company's cloud technology platform and leading security engineers turn verified security intelligence into actionable insights for customers. Through a combination of core products and strategic partnerships, WhiteHat Security provides complete Web security at a scale unmatched in the industry. WhiteHat Sentinel, the company's flagship product line, manages thousands of websites -- including sites in the most regulated industries as well as top ecommerce, finance and healthcare companies.
Subscribe to:
Posts (Atom)