How Effective Are Biometric Security Measures?


Computer Security Tip of the Week

Scott Aurnou – Biometric security measures like fingerprint scanners have been incorporated into a few products recently, but do they provide effective protection or are they more of a novelty at this point?

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: , , , ,
Posted in Laptops & Desktops, Network Security, Security Tip of the Week, Smartphones & Tablets

Lawyers and Email: Ethical & Security Considerations

Secure EmailBy Scott Aurnou

The specter of attorney-client privilege has a long and well-respected history in litigation… but means nothing at all to a hacker. “Delete this email if you are not the intended recipient” or similar language theoretically sounds imposing, but essentially does nothing to protect firm or client data from any nefarious actors who view it (though they may get a good chuckle before reading the “forbidden” email).

In May 2014, LexisNexis published a study pertaining to law firm security awareness versus actual practices with respect to communications and file sharing with clients. Almost 90% of those surveyed used email to communicate with clients and privileged third parties. The vast majority of attorneys surveyed also acknowledged the increasingly important role of various file sharing services and the inherent risk of someone other than a client or privileged third party gaining access to shared documents. Yet only 22% used encrypted email and 13% use secure file sharing sites, while 77% of firms relied upon the effectively worthless “confidentiality statements” within the body of emails to secure them.
Read more ›

Tagged with: , , , , , , , , , , , , ,
Posted in Cloud Security, Laptops & Desktops, Network Security, Privacy Issues, Smartphones & Tablets

What is Social Engineering?


Computer Security Tip of the Week

Scott Aurnou – Why would a hacker engage in a potentially time-consuming and difficult attack against a well-guarded computer network or secure location when he or she can simply trick someone into giving them access? Learn about the basics of social engineering here.

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: , , , , , , , , , , , , , ,
Posted in Fraud & Scams, Laptops & Desktops, Network Security, Security Tip of the Week

Compliance for Developers of Medical Applications and Software under HIPAA and Other Regulations

HIPAABy Kaiser Wahab and Susanna Guffey

Information and data supplied by patients via smartphones and the Internet are poised to drastically lower costs associated with medical care and make it easier for doctors to treat patients, even remotely. However, developers should keep in mind the particular regulatory and compliance issues that arise when dealing with personal medical information.

This article provides a brief overview of the legal framework and best practices that developers should heed. First, it discusses the handling of health information under the Health Insurance Portability and Accountability Act, commonly referred to as “HIPAA”. Second, the article discusses potential Food and Drug Administration (FDA) regulation of certain medical applications or software that may also function as “medical devices.” Lastly, it discusses general concerns and best practices for mobile application or software developers.

I. Health Insurance Portability and Accountability Act (HIPAA)

What companies are regulated by HIPAA?

HIPAA establishes the rules that the U.S. Department of Health and Human Services uses to regulate the transmission of protected health information (PHI). PHI is any individually identifiable health information that is held or maintained by a Covered Entity or their Business Associates (defined below). Examples include demographic information past, present or future physical or mental health or condition of the patient; information pertaining to payment of healthcare services; and genetic information. For example, a mobile medical application that allows patients to transmit personal health information via their mobile devices would be handling PHI.
Read more ›

Tagged with: , , , , , , , , , , ,
Posted in Guest Posts

What Is the Internet of Things (and What Risks Come with It)?


Computer Security Tip of the Week

Scott Aurnou – The “Internet of Things” has become an increasingly popular buzzphrase. What is it and what risks can it pose to your safety?

Webpages referenced in this video include:
Secure Your Wi-Fi Router (it’s What Connects You to the Internet)

If you enjoyed this video, you can see more on TheSecurityAdvocate YouTube channel.

Tagged with: , , , ,
Posted in Cloud Security, Network Security, Security Tip of the Week
Twitter: saurnou
TheSecurityAdvocate Youtube Channel
Subscribe for updates to TheSecurityAdvocate
Name
Email Address*