Security, Where Myths Should Go to Die
There are tellers of tales and debunkers of myths. An organization needs both. An example: the March of Dimes needed people to have the vision of eradicating Polio. Its very…
CISO Insights
Back to Vendor ListingsYou Can’t Stop Stupid: Security in the Academic World
One would think that working in a very prestigious university would simplify the job of the security department. All you would have to do is tell people what was required…
What Have We Been Doing The Past 10 Years?
You know you’ve reached a point in your career when you get asked to give a talk on how IT has evolved over the past 10-15 years. I guess it’s a…
Not Like the Others
(This is the sixth installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. The second installment can be read here. The…
IPv6 – It’s Time
VA Tech is one of the few institutions in the US that runs a full production, dual stack IPv4/IPv6 network. We’ve been running this dual stack network since 2005. All…
Being Data – The Principle of Participation
(This is the fifth installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. The second installment can be read here. The…
Restricting Users With Admin Privileges Solves the Wrong Problem
CONTROL: Minimize the number of users with domain or local administrative privileges. Such users should use a separate unprivileged account for email and web browsing. This control is misunderstood and…
Consent: The Part of ‘Yes’ that We Don’t Necessarily Understand
(This is the fourth installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. The second installment can be read here. The…
Smile, You’re On Candid Camera: The Lack of Privacy in Today’s World
I think that there is some confusion about the concept of privacy in a public setting. It appears to me that some people really believe that they can walk around,…
Have Data Will Travel
I was recently invited to speak to senior executives about traveling with electronic devices. I designed a presentation consisting of 11 slides and guessed it would take about half and…