Friday, June 6, 2008
How insiders hack SQL databases with free tools and a little luck
As always, for my past information security content be sure to check out www.principlelogic.com/resources.html.
Thursday, June 5, 2008
If you're ever caught in a situation where you have to decrypt sensitive information, either find an alternative method for encrypting when it's not in use or don't decrypt. It's that simple. Better yet, just encrypt your entire hard drive! There's no reason not to.
Wednesday, June 4, 2008
I know this seems trite but I still see plenty of networks where it's up to the users to lock their screens...and guess what, they're usually unlocked. Or, if it's policy, the screen locking is not configured for a reasonable amount of security (i.e. they timeout in 10+ minutes - plenty of time for misdeeds)....Or, the policies are not being enforced altogether.
So, if anything, do yourself a personal favor and do the three finger salute (CTRL-ALT-DEL) and lock your screen every time you get up from your desk. It only takes 21 days to form a new habit such as this - something that can save you a lot of grief when the time comes for someone to try and take you for a ride.
Principle Logic’s Kevin Beaver to Keynote GA Society of CPA's Tech Conference
Kevin Beaver, independent information security expert with Atlanta-based Principle Logic, LLC, will be keynoting the Georgia Society of CPA’s 2008 Technology Conference. Kevin will apply his practical and no-nonsense approach to security in his presentation titled The Business Case for Information Security. He will outline why information security is a business problem and what can and should be done about it.
“I’m honored and humbled to have been invited to speak to a group of people that play such a key role in information security.” says Beaver. “The fact that many accounting professionals want to hear about information security issues says it all. Security’s not a technical problem that IT should own but rather a business issue that business people need to be involved with.”
About Principle Logic, LLC and Kevin Beaver
As an independent consultant with Principle Logic, LLC, Kevin Beaver’s services include security-related keynote speaking engagements, expert witness consulting and testimony, security assessments of networks and Web applications, and information security pre-audits and gap analyses. Kevin has authored/co-authored seven books on information security including Hacking For Dummies, Hacking Wireless Networks For Dummies, Laptop Encryption For Dummies, Securing the Mobile Enterprise For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance. He is a regular contributor to SearchWindowsSecurity.com, SearchSoftwareQuality.com, SearchSQLServer.com, and Security Technology & Design magazine. Kevin is also the creator and producer of the Security On Wheels audio programs and blog providing security learning for IT professionals on the go (securityonwheels.com).
Tuesday, June 3, 2008
I don't necessarily fault Google for this. Their clean home page has always attracted me to their site.
It comes right up! ;-)
Not that I trust Google on issues like this! I'm just saying...
http://jobcenter.ittoolbox.com (under 'Sign up for Job Alerts' - you may have to login)
http://www.securityfocus.com/archive (select Security Jobs and enter your email address)
You may get a lot of notifications, but if you're in the market, that's not a bad thing! I've seen some jobs posted that actually look pretty good.