Friday, January 30, 2015

I was quoted in an FCW article on mobile device security.



Striking a balance with mobile device security


Agencies face a delicate balancing act when it comes to providing mobile security.

On the one hand, IT departments seek to extend endpoint security to a growing population of mobile devices. It's easy to see why: Smartphones can go missing along with agency data, and mobile devices in general can introduce malware to enterprise networks. On the other hand, employees want the ease of use of consumer technology, and agency managers covet the potential productivity boost.

More:
http://fcw.com/articles/2014/12/08/striking-a-balance-with-mobile-device-security.aspx


Thursday, January 29, 2015

Fitbit ChargeHR



Saturday, January 24, 2015

Best Alternatives to Tor: 12 Programs to Use Since NSA, Hackers Compromised Tor Project

 Here are a list of programs you can use now that Tor has been breached (Note that some of them like Disconnect and Peerblock are not full-scale replacements for Tor and Tails uses Tor):

More:
http://www.idigitaltimes.com/best-alternatives-tor-12-programs-use-nsa-hackers-compromised-tor-project-376976

Thursday, January 15, 2015

New CISSP Domains



CISSP Domains, Effective April 15, 2015

  • Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)
  • Asset Security (Protecting Security of Assets)
  • Security Engineering (Engineering and Management of Security)
  • Communications and Network Security (Designing and Protecting Network Security)
  • Identity and Access Management (Controlling Access and Managing Identity)
  • Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
  • Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
  • Software Development Security (Understanding, Applying, and Enforcing Software Security)