You can't secure what you don't acknowledge.SM

Friday, October 9, 2009

My latest security content

Here are a couple of new articles of mind that were just published. Many more to come. Enjoy!

Balancing Windows security with reasonable password policies

Storage encryption essentials

Be sure to check out for all of my information security articles, podcasts, webcasts, screencasts, Twitter updates, and more.

Thursday, October 8, 2009

Asking the right questions

One of the elements of being successful in security is asking the right questions - and not being afraid to do so. As information security professionals we can, and should, question the funding of security projects, management being on board with the business risks at hand, and so on.

I recently came across two great quotes regarding questioning. First, Anthony Robbins said "Quality questions create a quality life. Successful people ask better questions, and as a result, they get better answers." Second, Albert Einstein said "The important thing is to not stop questioning."

We don't have to be pests and we certainly need to be careful and not do more harm than good when getting people on our side. But if you approach your security initiatives with enough finesse and confidence and show how you're concerned about the business your questioning might be just what the doctor ordered.

Tuesday, October 6, 2009

Don't give up

Napoleon Hill once said "The majority of men meet with failure because (they don't create) new plans to take the place of those that fail."

I see this a lot: people with big plans who are met with a setback, they get discouraged, and give up. If you feel strongly about doing something - writing a book, changing careers, getting a degree, whatever - don't be this person.

Good info on hardening Windows XP

I've written various articles on hardening Windows XP over the years and am always seeking out new nuggets since XP's going to be around a while. Eric Shultze has a neat list of 5 registry keys you can use to further harden your Windows XP systems that you may not have heard about. Enjoy!

10 Ways to Become Indispensable at Work

Here's a good piece on keeping your job and growing your career:

10 Ways to Become Indispensable at Work

I'd also add network to build your relationships, focus on your communications skills, and always, always - put things in terms of the business - what's in it for them. Here are some IT and security career tips (that can apply to anyone) I've written that dive into these areas and more.

Monday, October 5, 2009

National Archives does it again!

You may recall my appearance on CNN television earlier this year when a hard drive went missing from the National Archives and Records Administration. Well, apparently some lessons don't sink in. This time around the National Archives folks sent an unsecured hard drive containing personal info on 70 million+ veterans to a vendor for "repair and recycling" (huh?). Apparently an employee subverted a policy then had to go on leave and one thing led to another...Interesting story - I'm not surprised at the outcome.

In the spirit of our current govern-by-reaction mentality in Washington maybe a few new laws can be passed to keep this from happening. Oh wait, it's the government failing to listen to itself in the first place. Unbelievable.

My latest security content

Here's my latest information security content. Enjoy!

Are you earning what you're worth in information security?

Understanding the politics of information security

Be sure to check out for all of my information security articles, podcasts, webcasts, screencasts, Twitter updates, and more.