Storing Card Numbers Unencrypted – REALLY?
The US Federal Trade Commission has sued Wyndham Worldwide and three of its subsidiaries for poor data security, it was announced in late June. To be clear this is a lawsuit and it is not a statement of guilt. As of this writing Wyndham has not agreed to any of the items in the suit. […]
The Patriot Act and the Cloud
A year ago, Microsoft’s U.K. managing director surprised many people by publicly admitting that Microsoft will hand over data stored in any of its worldwide facilities when asked to do so by the U.S. government. In fact, the cloud customers and their data subjects would not even be informed if there was a gag order […]
Who Can Read My Data in the Cloud?
For the sake of your compliance, you hope that the answer is “nobody”! For most organizations, confidentiality is the greatest concern. The most worrying thing about using cloud technology is storing your data on someone else’s hardware. But how big of a risk is this, really? Stored data should be encrypted. However, how much of […]
Encrypt Early, Encrypt Often
My last post was about malicious update notices that pop up when using public network connections. I advised checking digital signatures on the updates. I want to add to that and expand a bit on public communication channels and storage. First, when you use a public network, wired or wireless, your data may not be […]