We’re mobile addicts but we just don’t want new smartphones
http://www.zdnet.com/article/research-were-mobile-addicts-but-we-just-dont-want-new-smartphones/
For whatever value of "Mobile" is applicable in context, yes.
A lot of what I see is students in the library with their laptops or large tablets_keyboards with paper and books beside. Perhaps if students had the multi-screen displays like the one in the movie "Swordfish" AND there were more books on-line at low cost and multi-access (which isn't how many libraries work, sadly) then the marketers dream of students with ebooks rather than a knapsack of books would happen. As it is, with only one viewer, books and papers are still needed.
Confusion over Physical Assets, Information Assets – Part Two
So I need to compile a list of ALL assets, information or otherwise,
NO!
That leads to tables and chairs and powerbars.
OK so you can't work without those, but that's not what I meant.
Physical assets are only relevant in so far as they part of information processing. You should not start from those, you should start from the information and look at how the business processes make use of it. Don't confuse you DR/BC plan with your core ISMS statements. ISO Standard 22301 addresses that.
This is, ultimately, about the business processes.
Confusion over Physical Assets, Information Assets in ISO-27000
I often explain that Information Security focuses on Information Assets.
Some day, on the corporate balance sheet, there will be an entry
which reads, "Information"; for in most cases the information is
more valuable than the hardware which processes it.
-- Adm. Grace Murray Hopper, USN Ret.
Some people see this as a binary absolute - they think that there's no need to asses the risks to the physical assets or that somehow this is automatically considered when assessing the risk to information.
The thing is there are differing types of information and differing types of containers for them.
Are these “Top 10” dumb things or not?
At "10 dumb things users do that can mess up their computers" Debra Littlejohn Shinder brings up some interesting common failings. Lets look at her list, because I have a different take.
#1: Plug into the wall without surge protection
#2: Surf the Internet without a firewall
#3: Neglect to run or update antivirus and anti-spyware programs
#4: Install and uninstall lots of programs, especially betas
#5: Keep disks full and fragmented
#6: Open all attachments
#7: Click on everything
#8: Share and share alike
#9: Pick the wrong passwords
#10: Ignore the need for a backup and recovery plan
Well, they seem interesting, but ...
The big "but" gets back to one of my favourite phrases:
Very simply, in my own context most of this is meaningless. It may well be in yours as well.
Irony
Headline: FTC attorney's laptops stolen
http://www.presstelegram.com/business/ci_3969575
The government agency charged with fighting identity theft said Thursday it had lost two government laptops containing sensitive personal data, the latest in a series of breaches encompassing millions of people.
Can you spell "Irony"?
This goes a bit beyond the bare-faced incompetence that we've grown used to
and come to treat as the new security baseline at the government.
And here's another chunk of Irony:
Many of the people whose data were compromised were being investigated for possible fraud and
identity theft, said Joel Winston, associate director of the FTC's Division of Privacy and Identity Theft Protection.
But what caught my attention in this article was the following:
On Thursday, a House panel was cautioned that credit monitoring alone may not be enough to protect Americans whose names, birth dates and Social Security numbers were compromised at the hands of the government.
During the House hearing Thursday, Mike Cook, a co-founder of a company specializing in data breaches, said identity-theft victims typically don't become aware they've been hurt until six months after their data was stolen, when creditors come calling for money owed.
At that point, it's likely the thieves will have moved on having made just a few purchases so they don't attract notice and started using another victim's information.
As a result, a credit monitoring service would raise a red flag after it was too late, Cook said.
So what's the real use of this credit monitoring that the companies are handing out in the aftermath of privacy failures if its not going to protect you? "Oh, you've had your bank account emptied, your house sold, and your wife has received a divorce notice. And by the way, your credit is non existent but that may be due compute hackers...."
Related articles
- Why Was Capital One Fined for Deceptive Credit Card Practices? (nationaldebtrelief.com)
- SC lawmakers to discuss extended credit monitoring (thestate.com)
- What To Do if You're a Victim of Identity Theft Tax Fraud (community.ally.com)
- Identity Theft: Keeping Safe in an Online World Infographic (veracode.com)
- Ways to Prevent Identity Theft [Infographic] (blogs.lawyers.com)
- Identity theft (themaurergroup.wordpress.com)
- How Important Identity Theft Prevention (howprotectmyid.wordpress.com)
- Tips to avoid becoming an identity theft victim (technology.inquirer.net)
