Beyond Print
View SM Online by Past Magazine Issue:
August 2007
Cybersecurity

Security and Outsourcing: Negotiate Early

As a growing number of U.S. companies outsource software creation and data-handling functions to service providers located in other countries, the issue of data protection has gained prominence. Among the concerns are that 'backdoors' could be inserted in code for later use and that personal financial data could be stolen.

    Crooks Zero in on Valuable Data

    Zero-day attacks - the name given to exploits of vulnerabilities for which no patch is available - are the bêtes noires of IT security. Unfortunately, discoveries of not-yet-patchable vulnerabilities are on the rise, raising the specter of more zero-day exploits. Learn more about zero-day attacks and what you can do to combat them here.

      Data Disaster?

      One-third of IT professionals believe that a major data breach could put their company out of business.

        Business PC Risk

        Thirteen percent of corporate PCs have had unauthorized USB devices attached to them, creating a risk of data loss and of malware entering the corporate system.

          Drive-By-Downloads

          About ten percent of Web pages contain malicious code, according to a Google study.

          A Site to See

          In order to ensure that your PC is protected from malware, it helps to run a few tests. Auditmypc.com offers just that: a handful of free, relatively quick self-assessments. Options include testing the strength of your firewall and your protection against pop-ups.

            Legal Report

            Investigations

            In a recent decision, the North Carolina Court of Appeals found a company guilty of malicious prosecution after it investigated an employee for wrongdoing, fired him, and then reported his alleged activities to the police despite the fact that the employee's innocence could have easily been ascertained, said the court.

            REAL ID

            The Senate Judiciary Committee recently held a hearing to examine the privacy and civil liberties concerns surrounding the driver's license requirements mandated under the REAL ID Act. Witnesses also evaluated two new bills - S. 717 and H.R. 1117 - that would repeal REAL ID and require a new set of standards for driver's licenses. You can read the full testimony here.

            Courthouse Security

            A bill (S. 378) that would increase courthouse security has been approved by the Senate. The House of Representatives has not announced whether it will take action on the bill, which would also require that the U.S. Marshals Service offer ongoing security advice to the judiciary.

            Genetic Discrimination

            A bill (H.R. 493) that would prohibit discrimination based on genetic information has been approved by the House of Representatives. The Senate has agreed to consider the measure and has also released a report on the proposed legislation.

            National Guard

            Two bills (S. 430 and H.R. 718) introduced by Sen. Christopher Bond (R-MO) and Rep. Tom Davis (R-VA) would require the military to identify gaps between federal and state capabilities to respond to emergencies that have been created by the deployment of National Guard troops to Iraq and Afghanistan. The bill would also make the Chief of the National Guard Bureau a member of the Joint Chiefs of Staff.

            Iowa - Bullying

            A new law (formerly S.B. 61) requires that all public and private schools develop antibullying programs and take steps to eliminate bullying at schools and during all school functions regardless of location.

              SM Online

              Aviation Security

              Read a critical intra-agency review of the Department of Homeland Security's handling of suspicious passengers on board a flight in 2004, which has been called a terrorist 'dry run' by the media.

                Disaster Response

                A small nuclear weapon would have a catastrophic impact on the healthcare systems of four major U.S. cities, say two scientists, who advise that deployable medical equipment coupled with environmental modeling software could save lives.

                  Emergency Planning

                  Don't know what to do if pandemic influenza hits the U.S.? Then read the Occupational Safety and Health Administration's pandemic influenza preparedness and response guidelines for the healthcare field.

                    Hostile Workplace

                    Accidentally seeing pornography viewed by colleagues is not sufficient for a hostile workplace claim, ruled a federal appeals court. However, the court determined the woman could pursue a claim based on the overall environment in which women were continually denigrated, called names, and placed in sexual situations.

                    Identity Theft

                    The recommendations are in from the President's Task Force on Identity Theft: the strategic plan advises four broad policy changes including that federal agencies reduce the unnecessary use of Social Security numbers.

                    IT Security

                    How protected from data leakage is your business? A survey of IT decision makers found that 60 percent of companies lost confidential data in the last year; 33 percent believe it could put them out of business.

                      Background Screening

                      Six DHS background screening programs are examined by the GAO and found to be duplicative of one another, resulting in widespread redundancies and other inefficiencies.

                      Negligence

                      A bank is not liable for an employee's injury during a bank robbery, ruled a federal appeals court, because it did not attempt to conceal the workplace risk from the employee.

                      Sexual Discrimination

                      A woman can seek a sexual discrimination claim against her employer, says a federal appeals court, even though the position she sought was not filled by a male employer, but eliminated.

                      Violent Crime

                      Violent crime has soared over the past two years, finds a report from the Police Executive Research Forum. Alarmingly, murder has risen 10.2 percent since 2004.

                        International

                        A survey of 300 office workers and IT professionals by Infosecurity Europe found that 64 percent were prepared to give away their passwords in exchange for a smile and a chocolate bar; 29 percent of those surveyed admitted knowing a coworker's password.

                          Data Mining

                          A bill (S. 236), introduced by Sen. Russ Feingold (D-WI), that would monitor government use of data mining has been approved by the Senate Judiciary Committee.

                          Airport Security

                          A bill (H.R. 1413), introduced by Rep. Nita Lowey (D-NY), that would establish an airport security pilot program has been approved by the House Homeland Security Committee's Subcommittee on Transportation Security and Infrastructure Protection.

                          Washington - Consumer Reports

                          It has become more difficult for employers in Washington state to access an applicant's credit report to make hiring or promotion decisions. Under a new law (formerly S.B. 5774), employers can only obtain credit reports if the information is substantially related to the person's current or potential job - or if it is required by another law.

                          Rattlesnakes and Other Surprise Solutions

                          As Associate Editor Ann Longmore-Etheridge noted in her feature, there are many resources risk managers can consult whether planning overseas trips or preparing for a pandemic.

                             



