Category: Internal security

  • 3 things to do before you spend money on a HIPAA consultant for your clinical trial

    Flaskdata specializes in same data data and safety solutions for clinical trials. Flaskdata is a technology company specializing in clinical datamanagement and monitoring. We are accomplished at providing our customers with the most effective way to achieve high quality clinical dataand assure patient safety. There is no single solution that works for everyclinical trial. We work […]

  • WannaCrypt attacks

    For your IMMEDIATE notice: If you run medical device Windows management consoles, run Windows Update and update your machine NOW. This is my professional advice considering the new ransomware worm out there attacking machines MS17-010 has been out more than a month, but we have to assume that that the majority of Windows-based medical devices […]

  • Procedures are not a substitute for ethical behavior

    Are procedures  a substitute for responsible and ethical behavior? The  behavior of former secretary  of  State (and Presidential race loser) Hilary Clinton is an important example of how feeling entitled is not the exclusive domain of under 20-somethings. When we do a threat analysis of medical devices, we try to look beyond the technical security […]

  • What is your take on anti-virus in medical devices?

    A check-box IT requirement for medical devices on the hospital network is installation of anti-virus software even though most devices don’t have network connectivity and as a result are running outdated AV engine and  signatures.  What is your take? Should device vendors continue to install anti-virus even though it’s not effective? Would you considering using […]

  • The valley of death between IT and information security

    IT is about executing predictable business processes. Security is about reducing the impact of unpredictable attacks to a your organization. In order ot bridge the chasm – IT and security need to adopt a common goal and a common language – a language  of customer-centric threat modelling Typically, when a company ( business unit, department or […]

  • What is the best project management software for a startup

    Somehow I got roped into a thread on Quora and noticed this item Lots of people shilling their Web 2.0 SaaS services for project management but at the end of the day, you have to ask why a startup even needs project management software. I’ve been thru a few startups either as founder or CTO […]

  • Small business data security

    Here are 7 steps to protecting your small business’s data and and intellectual property in 2011 in the era of the Obama Presidency and rising government regulation. Some of these steps are about not drinking consultant coolade (like Step # 1- Do not be tempted into an expensive business process mapping project) and others are adopting best practices […]

  • WikiLeaks Breach – trusted insiders not hackers

    With a delay of almost 10 years – SCIAM has published an article on the insider threat – WikiLeaks Breach Highlights Insider Security As one of the pioneers in the DLP space (data loss prevention) and an active data security consultant in the field since 2003 – I am not surprised when civilians like the […]

  • What is security?

    So what is security anyhow? Security is not about awareness. A lot of folks talk about the people factor and how investing in security awareness training is key for data protection. I think that investing in formal security awareness training, internal advertising campaigns and all kinds of fancy booklets and cards for employees is a […]

  • Why the Europeans are not buying DLP

    It’s one of those things that European-based information security consultants must  ask themselves at times – why isn’t my phone ringing off the hook for DLP solutions if the European Data protection directives are so clear on the requirement to protect privacy? The central guideline is the EU Data Protection Directive – and reading the […]

1 2 3 6
Next Page