Monthly Archives: July 2011

Metasploit 4.0 Highlights

Posted by Mark Marshall in Main

Earlier this week HD Moore gave a live webcast demoing the new, highly anticipated Metasploit 4 release. The live demo went as smoothly as a live demo can go, and as always HD Moore is great to hear talk no matter what the topic is. This presentation was particularly excellent because he’s so passionate about the Metasploit project – which he single-handedly created nearly 10 years ago, and has since watched grow into the de facto tool used by penetration testers and infosec …

Apple Releases Lion into the Wild

Posted by Mark Marshall in Main

Today Apple released OSX 10.7 Lion, the latest version of their desktop and server OS. A number of new security features have been introduced with Lion which are very welcome, as well as a bunch of new usability tweaks and other generally cool things. I upgraded my i7 MacBook Pro to it a few hours ago and have a few quick observations: It’s only available as a download via the App Store. No going to the Apple store and picking up …

Improving Authentication for Online Services

Posted by John Abraham in Main

The FFIEC (Federal Financial Institutions Examination Council), the banking interagency body that creates unified standards across the various regulatory agencies, recently issued new guidance on managing risks in user authentication for online transactions. The guidance is practical and has relevance for any industry in which sensitive transactions are conducted online. Categorically this applies to banks (of course) but also to healthcare organizations. As more and more electronic protected health information (ePHI) comes online with the rapid adoption of EMR/EHR systems, …

Redspin’s Declaration of Network Security Independence

Posted by Dan Berger in Main

We hold these truths to be self-evident, that all networks are created for a higher purpose, that they are intended to support communication, productivity, and prosperity, and are endowed by their architects and administrators with certain unalienable Rights, that among these are Security, Confidentiality, and Integrity. That to secure these systems, expertise arises among certain noble men, deriving their just powers from the deep understanding of inherent vulnerabilities — That whenever any Form of Hacker becomes destructive of these ends, …

Preventing a Healthcare Data Breach Epidemic

Posted by Dan Berger in Main

Certain types of computer dysfunction are analogous to disease, at least in a descriptive sense. For example, we say that a PC can get “infected” by a computer “virus.” The recent rash of hacker attacks makes me wonder if we’re on the verge of a data breach “epidemic?” True epidemics occur when new human cases of a certain disease substantially exceed what is expected over a period of time. Epidemic diseases need not be communicable; they occur when there are …