Blog Posts Tagged with "Employees"
Privacy Scares from the Ghosts of Job Applicants Past
January 17, 2013 Added by:Rebecca Herold
There is a topic that has been coming up, over and over and over again over the past 12 years, that I’ve never seen addressed in other publications. What does your organization do with all the personal information you collect from job applicants? Consider a real situation I encountered around ten years ago...
Comments (2)
Six Questions to Ask Before Posting to Social Networks
October 10, 2012 Added by:Rebecca Herold
Every day I see yet another situation where employees misused, abused or otherwise accused social media sites to the chagrin of their employers. Businesses need to make a coordinated effort, using a combination of policies, training and technology to mitigate the risks of workers using social media sites...
Comments (0)
Navigating Social Media Legal Risks: Safeguarding Your Business
October 03, 2012 Added by:Ben Rothke
Social media makes it easy for organizations to find and retain customers and increase sales, amongst many other benefits. At the same time, it can expose an organization to significant and highly-expensive legal risks and issues, and find themselves at the receiving end of a subpoena...
Comments (0)
CFAA Does Not Bar Misappropriation when Employee Authorized
September 27, 2012 Added by:David Navetta
The CFAA only permits claims for accessing a protected computer “without authorization” and “exceeds authorized access” “only when an individual accesses a computer without permission or obtains or alters information on a computer beyond that which he is authorized to access...”
Comments (0)
Three Ways to Minimize Reputational Risk with Social Media
September 26, 2012 Added by:Brent Huston
One of the most difficult tasks for an organization is conveying the importance of discretion for employees who use social media. Not only are organizations at risk from having their networks attacked, but they must protect their reputation and proprietary ideas...
Comments (0)
Compliance and Company Values from the Ground Up
September 17, 2012 Added by:Thomas Fox
For the compliance practitioner sometimes the biggest challenge is not only to get senior management but the troops in the trenches to embrace compliance. Cathy Choi's story is a powerful lesson of one way to get those troops to buy into what the compliance department is selling...
Comments (0)
BYOD: Mobile Security Tips for Small Businesses
September 16, 2012 Added by:Robert Siciliano
If you choose to use your personal device for work purposes, at any time, for any reason, your employer will more than likely want control over that device. This means that, again, your employer may have remote capabilities to monitor activity wipe your device’s data...
Comments (1)
Data Mobility and Security Biggest Cloud Computing Concern
September 10, 2012 Added by:Bill Gerneglia
BYOD issues continue to cause headaches for IT departments. Security mandates grow exponentially as they struggle to prevent data leaks from private networks onto public clouds. The biggest concerns with public clouds are the loss of data and control of the location of that data...
Comments (1)
Leadership in the Compliance Department
September 05, 2012 Added by:Thomas Fox
While a leader can provide some insights based on experience, and perhaps give a different view, the employee who brought up the compliance issue will probably be more intimately involved with it. The employee may have thought through a resolution to the potential issue as well...
Comments (0)
Understanding Your BYOD Policy
August 28, 2012 Added by:Robert Siciliano
If you choose to use your personal device for work, then your employer will more than likely want control over that device. This means like in a company mobile liability policy, the employer may have remote capabilities to monitor activity and in the event of loss or employee termination, wipe the data...
Comments (0)
Messaging Mishaps Have Collateral Damage
August 21, 2012 Added by:Rebecca Herold
Bottom line for all organizations, from the largest to the smallest: You need to establish messaging policies that clearly communicate that all emails sent through the company email system are subject to monitoring, and that no one using the system should have any expectation of privacy for the messages...
Comments (1)
Illinois Bars Employers from Obtaining Social Media Credentials
August 20, 2012 Added by:David Navetta
Although privacy advocates and federal regulators and legislators have primarily been focusing on consumer privacy issues, such as behavioral advertising and data mining, the significant changes in workplace privacy protections demand continued vigilance from employers...
Comments (1)
To Tweet, or Not to Tweet, That is the Question...
August 19, 2012 Added by:Christopher Laing
Activities that threaten your business are the downloading and opening of attachments and Internet files that contain malicious software, and the electronic delivery/distribution of business sensitive information without encryption. This may done either accidentally or deliberately by a disgruntled employee...
Comments (1)
Relating Responsibility and Liability: At the Core of BYOD
August 15, 2012 Added by:Rafal Los
Does it make sense to repurpose "security awareness" to be inclusive of corporate and personal responsibility? Should we have users sign agreements that make them aware they are responsible, personally, when bad things happen as a result of their actions? Should there be HR actions against users who are reckless?
Comments (0)
Not Providing Education is the Dumbest Idea for Infosec
August 14, 2012 Added by:Rebecca Herold
Every year or so, an otherwise smart information security professional publishes some really bad information security advice about how awareness and training is a waste of time and money. Bottom line for all organizations: Humans have always been and will always be the weakest link in security...
Comments (0)
Why Effective Awareness Training Matters
August 12, 2012 Added by:Brent Hutfless
Training and education are key elements to securing data. The advances in detection and monitoring solutions have placed more capable tools in the security professional’s toolbox, but APT attacks have grown in sophistication and perseverance – often leading to successful attacks and subsequent data loss...
Comments (2)
- 'DarkGate' Campaign Targets Europeans with Multiple Payloads
- Facebook Patches Bug that Exposed Private Information
- A Human-Centered Approach to Building a Smart, Satisfied Information Security Team
- Addressing the CISO’s Key Challenges in 2018 and Beyond with Endpoint Detection and Response
- Fight Fileless Malware on All Fronts
- How to Protect SMBs Against Phishing Attacks via Social Engineering
- DDoS Disruption: Election Attacks
- Buy, Rent, or Uber Your Security Operations Center
- What You Need to Know about the Recent Apache Struts Vulnerability
- Crypto-Mining Malware Attacks on iPhones Up 400%: Report