Tuesday, May 4, 2010

Guest Post - Nick Volpe - Summary of What's Hot in the Security Headlines

Guest Post from Nick Volpe.  Spring Semester Intern at Fortalice®, LLC.  Attending Immaculata University.

Facebook Expect to Launch Location-Aware Feature

It seems as if Facebook has long been put into the hot seat over its data privacy features. More specifically, what settings Facebook deem are appropriate defaults have come under scrutiny with less sophisticated users not knowing what information from their profile is available to whom and how to change that selection of information. In April 2010, Facebook will begin to allow its registered users to share their geographical location with their friends in their news feeds. The supposed location-based feature(s) are expected to be unveiled in late April at Facebook’s annual f8 developer conference in San Franscisco. According to company reports, the feature will be opt-in allowing users to choose if they wish to participate or not. Given the companies track record on security, however, users should be vigilant and check changes to privacy policies and settings. The news comes after popular micro blogging competitor, Twitter, announced a similar location-based feature for their offering. Officially, Facebook will neither confirm nor deny the anticipated announcement.
AllFacebook.com: “Facebook Prepares To Release Location Service At f8” by Nick O’Neil http://www.allfacebook.com/2010/03/facebook-prepares-to-release-location-service-at-f8/
NYTimes.com Bits Blog: “Facebook Will Allow Users to Share Location” by Nick Bilton http://bits.blogs.nytimes.com/2010/03/09/facebook-will-allow-users-to-share-location/
PC Magazine: “Report: Facebook to Add Location Info to Updates” by Brian Heater http://www.pcmag.com/article2/0,2817,2361237,00.asp

New Statistics Show About 12% of Employees Willingly Violate Company IT Policy

One of the biggest and most difficult to address points of failure in terms of IT security problems is employee error. According to a new survey conducted by firm Harris Interactive, 12% of the United States workforce claimed to have willingly violated their companies IT policies. The employees are something that IT departments need to worry about maybe even more so, in some sense, than antivirus and malware infection in the network. IT departments and companies simply are not tough enough on enforcing their policies as they should be thus making employees the largest cause of corporate data loss.
Ars Technica: “Bad employee! 12% knowingly violate company IT policies” by Jacqui Cheng http://arstechnica.com/business/news/2010/03/bad-employee-12-knowingly-violate-company-it-policies.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss
Pivotal Payments: “12% of employees intentionally breach corporate IT policy, study shows” by Kristen Lawrence http://www.pivotalpayments.com/ca/industry-news/12-of-employees-intentionally-breach-corporate-it-policy-study-shows-19667517/                                                               

Highly Marketed Identity Protection Agency LifeLock Fined by FTC

The identity protection industry is highly lucrative and popular amongst individuals that aim to keep their confidential information private. There are firms that, for a monthly fee, claim to protect your identity by closely monitoring credit reports and other identifying accounts and information in order to protect your identity or at least attempt to do so.
LifeLock, one of these identity protection services, was fined by the US Federal Trade Commission for false advertising. The company guaranteed its clients that for as long as they paid, their identity would never be stolen and they would not be susceptible to fraud. As it turns out, you really can’t guarantee that a person’s identity can’t or won’t be stolen. There are simply too many factors in that. Ironically, the CEO of LifeLock, who freely gave out his social security number publicly as a testament to his service, fell victim of identity theft himself.
Total Bankruptcy: “LifeLock Fined for Inappropriate Identity Theft Protection Claims” http://www.totalbankruptcy.com/blog/lifelock-fined-for-inappropriate-identity-theft-protection-claims/
Ars Technica: “LifeLock fined $12 million over lack of life-locking ability” by Jacqui Cheng http://arstechnica.com/tech-policy/news/2010/03/lifelock-cant-guarantee-id-theft-prevention-after-all-settles-with-ftc.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

No comments:

Post a Comment