For Better Password Policies: OWASP Passfault

OWASP Passfault improves on password strength and password policies. [...]

SANS AppSec Summit 2012: What you can learn from Partnet about AppSec

I’ll be representing Partnet at the SANS AppSec Summit at the end of this month. We will participate on a panel called What you can learn from small businesses about AppSec. I love working for a smaller company. I think the flexibility, and the “buck stops here” mentality makes small businesses more effective than larger businesses. [...]

There is an “I” in Security

There has been a lot of discussion in the news lately about cybersecurity threats and big company security breaches. These cases are really scary and should result in consequences for the people involved, but a lot of security comes down to personal responsibility. There is an “I” in security.

I need to make sure I password protect [...]

Level III data – What’s the big deal?

Financial Transaction Services (FTS) wrote an article recently about why suppliers should be concerned about Level III credit card data when they are selling to the government and how they can save on transaction processing fees by providing it. You can read the article here, but I think the important question here is why does the [...]

New Security Rules for the Electronic Health Care Record Incentive Program

In 2009, the Ways and Means Committee put forth the Health Information Technology for Economic and Clinical Health Act, or HITECH Act. The bill states that health information technology helps save lives and lower costs. One of the four major goals of the legislation is “Strengthening Federal privacy and security law to protect identifiable health [...]

For 2012—Security is On the Mind

Increased security seems to be on everyone’s mind this year. The President made promises to increase cybersecurity in his State of the Union Address. President Obama’s budget calls for the strengthening of government cybersecurity while reducing overall information technology spending by more than a half-billion dollars. The document provides a roadmap to the administration’s [...]

Medical Records Access Report Too Burdensome

On May 31, 2011, the Department of Health and Human Services’ (HHS) Office for Civil Rights proposed a new rule recommending that patients have the right to ask for a report on who has accessed their medical records. The recommendation has been out for public comment since that time.

A number of healthcare organizations including the Medical Group [...]

HealthCare Providers Need IT Security Training

It appears that the health care industry lacks an understanding of basic information technology security. Dr. David Lee Scher just wrote an article for the Healthcare IT and Technology blog outlining five things healthcare providers should know about electronic health care record security. From his article, it is obvious that health care workers could use some [...]

Privacy by Design or Redesign—a new International Standard

Dr. Ann Cavoukian, Privacy Commissioner of Ontario, Canada, is recognized as one of the leading privacy experts in the world. She has been working with a concept called Privacy by Design for over 20 years. The idea is that Privacy should be designed into systems from the beginning, not added as an afterthought. Systems designers should [...]

Access Logs Recommended for EHRs

Department of Health and Human Services’ Office for Civil Rights’ recent notice of proposed rulemaking on accounting of disclosures introduces a valuable privacy tool for individuals—the access report.

The HIPAA Security Rule’s information system activity review specification [164.308(a)(1)] requires organizations to “implement procedures to regularly review records of information system activity, such as audit logs, access reports, [...]
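The two posts above talk about audit logs and the per-patient access report without showing what turning one into the other looks like. The following is an added illustration, not code from the original posts or from any EHR product: the pipe-delimited log format, the field names, the care-team membership and the sample log lines are all constructed for this example (a real EHR exports its own schema). It builds the access report for one patient and, as part of the activity review the Security Rule asks for, flags accesses by users who are not on that patient’s care team or who came in after hours.

```python
"""Per-patient access report from EHR audit-log lines (constructed example)."""
from datetime import datetime

# Constructed sample audit-log lines: timestamp|user|role|patient_id|action
# The format and every value below are made up for this illustration.
SAMPLE_LOG = """\
2012-02-01T08:12:03|drjones|physician|P1001|view
2012-02-01T08:15:44|drjones|physician|P1001|update
2012-02-01T09:02:10|nurse_kim|nurse|P1001|view
2012-02-01T11:40:27|billing_ray|billing|P1001|view
2012-02-01T13:05:51|drjones|physician|P2002|view
2012-02-02T02:17:09|it_admin|admin|P1001|view
"""


def parse_log(text):
    """Parse pipe-delimited lines into dicts; skip blank or malformed lines."""
    records = []
    for line in text.splitlines():
        parts = line.strip().split("|")
        if len(parts) != 5:
            continue
        ts, user, role, patient, action = parts
        records.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S"),
            "user": user,
            "role": role,
            "patient": patient,
            "action": action,
        })
    return records


def access_report(records, patient_id):
    """The access report: who touched this patient's record, when, and how."""
    rows = [r for r in records if r["patient"] == patient_id]
    rows.sort(key=lambda r: r["ts"])
    return [(r["ts"].isoformat(), r["user"], r["role"], r["action"]) for r in rows]


def flag_unexpected(records, patient_id, care_team, after_hours=(22, 6)):
    """Activity review: flag accesses outside the care team or outside business hours.

    after_hours is (start_hour, end_hour); an access at or after start_hour
    or before end_hour is treated as after hours.
    """
    flagged = []
    start, end = after_hours
    for r in records:
        if r["patient"] != patient_id:
            continue
        reasons = []
        if r["user"] not in care_team:
            reasons.append("not on care team")
        hour = r["ts"].hour
        if hour >= start or hour < end:
            reasons.append("after hours")
        if reasons:
            flagged.append((r["ts"].isoformat(), r["user"], reasons))
    return flagged


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    print("Access report for P1001:")
    for row in access_report(recs, "P1001"):
        print(" ", *row)
    print("Flagged accesses:")
    for ts, user, reasons in flag_unexpected(recs, "P1001", {"drjones", "nurse_kim"}):
        print(" ", ts, user, ", ".join(reasons))
```

The care-team list is the piece a real deployment has to get from the EHR’s scheduling or encounter data; the script above hard-codes it only so that it runs offline. Everything a reviewer actually acts on (the billing user and the overnight admin view) comes out of the same audit trail the access report is built from.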