Don’t break the build. There is absolutely no question that the build process is a pivot in the software quality process. Build every day, don’t break the build and do a smoke test before releasing the latest version. This morning, I installed the latest build of an extremely complex network security product from one of …
Read more »Every so often my ISP calls us up and asks to speak with the IT manager or the person who is responsible for the network. This time it was Netvision offering me a special deal on Symantec anti-virus and a $5/month service package for virus updates. Well, I said “We don’t use Windows, and I …
Read more »Yesterday I spent most of the day re-installing one of the workstation in the office with Ubuntu 11.10. I like what I saw, but the Unity interface is not my cup of tea so I installed Gnome – what they call Classic Ubuntu. In principle I shut down as many operating services as I can …
Read more »Sturm und Drang is associated with literature or music aiming to frighten the audience or imbue them with extremes of emotion”. The Symantec Internet Security Threat Report is a good example of sturm und drung marketing endemic in the information security industry. Vendors like Symantec sell fear, not security products, when they report on “Rises on Data …
Read more »
What is more important – patient safety or the health of the enterprise hospital Windows network? What is more important – writing secure code or installing an anti-virus? Software Associates specializes in helping medical device vendors achieve HIPAA compliance and improve the data and software security of their products in hospital and mobile environments. A …
Read more »
Data without interoperability = pain. What is happening in the US healthcare space is fascinating as stimulus funds (or what they call in the Middle East – “baksheesh”) are being paid to doctors to acquire an Electronic Health Records system that has “meaningful use”. The term “meaningful use” is vaguely defined in the stimulus bill …
Read more »If you’re a a information security and compliance analyst, we have an offer that cannot be beat. Get PTA ( Practical Threat Analysis) Professional software from our colleagues at Practical Threat Analysis Technologies totally free for one year. After the year is up, just drop them an email, and you’ll get a free license renewal. When you …
Read more »
Mark Galeotti has a piece on the online Moscow News today entitled Why are Russians excellent cybercriminals? Mr Galeotti seems to have most of his facts right as he wonders: “Why does every hacking and cyberscam story – real or fictional – seem to have a Russia connection?In part, it is prejudice and laziness. The stereotype of the …
Read more »A customer case study: Using DLP to protect customer data at a telecom service provider Our first data loss prevention (DLP) project was in 2005 with 013 Barak – now 013 Barak/Netvision. It followed on the heels of an extensive business vulnerability assessment and management level decision to protect customer data. It’s significant that 013 …
Read more »A customer case study – cloud security assessment Faced with a steep bill for securing a new cloud application, a client asked us to help find a way to reduce their risk exposure at the lowest possible cost. By using the Business Threat Modeling methodology and PTA (Practical Threat Analysis) software, we were able to build a …
Read more »