Posts Tagged ‘Facebook’

The European Union to revamp data-protection rules that will control information flow

January 24th, 2012

Europe has been struggling for stricter data breach laws for a long time. The recent data thefts have pushed the EU to make tough rules as regards data breaches and data security. This certainly is the need of the hour, not only in Europe but all over the world as data breaches are on the rise and hackers are taking advantage of the loopholes in the system.

EU Justice Commissioner Viviane Reding talks about introducing new data protection regulations

This week the European Union is proposing new regulations on how companies use the personal information of Internet users. The new regulations are going to have a major impact on companies like Google and Facebook, putting stricter limits on how they use the information of the people who use their services. According to Viviane Reding, vice president of the European Commission, a branch of the EU, these new regulations are absolutely required to protect users' personal data and rebuild their sense of confidence.

The current state of security laws in Europe

At present there are conflicting laws from the various countries that form the Union. These laws force the companies to collect data on consumers from the Internet. Companies that do not follow any regulations are becoming victims of data breaches and are always at loggerheads with governments. For example, Facebook has been in the limelight as it was targeted by both U.S. and European regulators for the way it uses user data. The company underwent 20 years of independent audits after the U.S. Federal Trade Commission proved that the company’s use of customer information was illegal.

What does data privacy mean for consumers?

Privacy is a major concern for today’s insurance industry. The more transactions we carry out online, the more we risk becoming a target of cyber crime. Data breaches put the information of millions of consumers at risk, and that means monetary losses for companies and insurance groups.

What will the new rules exactly do?

The new rules will make it compulsory for financial services firms and credit card processors to report incidents of lost or stolen data within 24 hours of a breach. These rules are set to come into effect today. The companies must, as per new rules, appoint a data protection officer to preside over the protection of personal data stored and processed by individual businesses.

EU Justice Commissioner Viviane Reding’s comment

“I want to explicitly clarify that people shall have the right – and not only the ‘possibility’ – to withdraw their consent to the processing of the personal data they have given out themselves,” says Reding. “If an individual no longer wants his personal data to be processed or stored by a data controller, and if there is no legitimate reason for keeping it, the data should be removed from their system.” “Companies that suffer a data leak must inform the data protection authorities and the individuals concerned, and they must do so without undue delay,” adds Reding. “As a general rule, without undue delay means for me ‘within 24 hours’.”

Data security with Alertsec

Following the essential guidelines is necessary for data security in any organization. This news exemplifies the need for data protection applications. In an incident which highlights the need for data encryption software and recovery software, the threat could have simply been reduced to an insurance matter by a mere investment of $13/month. The information would have been secure with no loss whatsoever. That is certainly a small price to pay compared to what can happen if you lose confidential or sensitive data. Alertsec Xpress offers very good and easy-to-use laptop security. There are no shortcuts to data security in any organization. Alertsec offers a service that includes more than the traditional software licensing model.

Anonymous is back with a bang! This time they breach Stratfor Inc.

January 9th, 2012

Stratfor Inc hacked and credit card data stolen

Anonymous has always been in the news for data hacking, and just when we were wondering what they were up to, here they are! This time they have succeeded in breaching the data of the security think tank Strategic Forecasting Inc, based out of Austin.

The details

The group managed to hack into Stratfor’s web site and get data about the company’s corporate subscribers. This resulted in the website being closed down temporarily. Anonymous was proud to announce that they stole passwords, credit card details, and home addresses of about 4,000 people on Stratfor’s private client list. Their plan was to use the credit card information to make fraudulent donations to charities. The hackers described the data on Pastebin, then provided several links to websites hosting the information. According to them, some 50,000 of the e-mail addresses released end in “.mil” or “.gov.”

Strangely enough, some representatives of the Anonymous group denied complete responsibility for the attacks. According to an Anonymous spokesman, “it does not attack media sources.” The organization has been known for its hacks on Sony’s PlayStation services, the Church of Scientology, as well as companies, banks, and organizations that supported WikiLeaks.

What business is Stratfor in?

The company offers clients such as the U.S. Air Force, the Miami Police Department, and Apple high-quality economic, political, and even military analysis, delivered daily via email, video, and the Web.

After the hack

Stratfor is offering a free one-year subscription to an identity protection service to those affected. Stratfor’s CEO, George Friedman confirmed on the company’s Facebook page on Monday that the hack disclosed the names of some corporate subscribers along with personal and credit card data.

Barrett Brown, spokesman for Anonymous, said, “This wealth of data includes correspondence with untold thousands of contacts who have spoken to Stratfor’s employees off the record over more than a decade.” “Many of those contacts work for major corporations within the intelligence and military contracting sectors, government agencies and other institutions.”

Stratfor’s chief George Friedman’s statement

“While addressing matters related to the breach of Stratfor’s data systems, the company has been made aware of false and misleading communications that have circulated within recent days,” said Friedman. “Specifically, there is a fraudulent email that appears to come from George.Friedman[@]Stratfor.com.”

High profile attacks are making the rounds and security agencies are scrambling to get the security policies of such companies in place. Stratfor’s website is under repair as of today and will take some time before it gets back in shape.

Alertsec equips firms with encryption software

Alertsec is here to take care of our security issues, especially for anyone working with PCs. Alertsec Xpress is the service that automatically protects ALL information you store on your PC. The fact that we now buy more laptops than desktops shows that the information we all store is increasingly vulnerable to exposure. The risk of losing a laptop is much higher than that of losing a desktop computer.

Encryption is the only secure method for complete protection of data stored on your hard disk. Today laptops are overtaking desktop PCs as the major source of computing and media storage, and they frequently store an organization’s most valuable information. Thus laptop encryption is becoming more and more important.

Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.

Facebook in trouble over privacy breach

November 3rd, 2011

Hamburg's Data Protection Authority (DPA) awaits explanation regarding privacy breach

In short

Facebook is in soup because of a new breach of German privacy laws. Apparently it has been using “cookies” to track account holders even after they’ve cancelled their accounts.

The news in detail

Johannes Caspar, head of Hamburg’s Data Protection Authority (DPA), has given a detailed report showing how Facebook uses cookies to record browsing behavior. The agency further added that Facebook had no need to leave those cookies, some of which have been there for about two years. “Our investigation gave no reason for the setting of cookies,” he said. He further added that Facebook is yet to come up with a good reason for doing this.

This ‘cookies’ issue is not really new. Facebook has been questioned about this before. The Electronic Privacy Information Center and nine more public interest groups sent a letter in late September to the Federal Trade Commission asking them to investigate Facebook’s alleged tracking activity.

The company’s stand has been that even though cookies remain on the computer, they do not store any personal identification. Facebook further adds that these cookies are maintained for security purposes like spamming. This practise also discourages minors from creating an account.

The Data Protection Authority wants to tackle one more problem

Facebook is yet to explain to the DPA about its facial-recognition feature. The feature automatically identifies a person’s friends and suggests their name. As per the users should be made aware and their permission taken before the systems store and study their faces to enable the feature. FB has a Monday deadline to respond to DPA’s query. European Union regulators will be looking into privacy violations in this facial-recognition feature.

Statement made by Facebook

“Facebook does not track users across the web,” it said in a statement. “Instead, we use cookies on social plugins to personalize content (e.g. Show you what your friends liked), to help maintain and improve what we do (e.g. Measure click-through rate), or for safety and security (e.g. Keeping underage kids from trying to signup with a different age).
“No information we receive when you see a social plugins is used to target ads, we delete or anonymise this information within 90 days, and we never sell your information.”

What does FB plan to do next?

Facebook has agreed to give the DPA a technical explanation of its use of cookies. Facebook is of the opinion that conclusions should not be drawn until the DPA has heard the explanation.

Data security is very important in today’s data-vulnerable world. Use Alertsec encryption service

Every organization has to have a data security policy in place. This news emphasizes the need for protecting private data. In an incident which highlights the need for data encryption software and recovery software, the threat could have simply been reduced to an insurance matter by a mere investment of $13/month. The information would have been secure with no loss whatsoever. That is certainly a small price to pay compared to what can happen if you lose confidential or sensitive data. Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model.

NHS breaches Data Protection Act by posting patient info online

October 31st, 2011

We talked in one of our last posts about how often patient data is getting compromised these days. Just when we thought there won’t be another breach related to patient data, we are proved wrong! The following news item talks again about patient data loss and that too due to negligence of the staff at National Health Service (NHS) Trust.

It appears that NHS staff have been breaching the Data Protection Act (DPA) by posting private patient data and photographs on Facebook. Data breaches took place across the country between July 2008 and July 2011. Civil liberties group Big Brother Watch submitted Freedom of Information requests which showed that there were 806 separate data breaches at 152 NHS trusts during the above-mentioned period. The report states that there were more than 20 incidents in which patient information was posted on social networking sites and 91 cases where NHS staff were caught viewing details of colleagues.

Consequence of the data breach

Around 100 staff members were dismissed due to breach of Data Protection policy.

What does the Director of Big Brother Watch have to say?

‘This research highlights how the NHS is simply not doing enough to ensure confidential patient information is protected.’

The above shows that data breaches in the NHS are proving to be a ‘major problem’. “The information held in medical records is of huge personal significance and for details to be disclosed, maliciously accessed or lost represents serious infringements on patient privacy.”

He further added: “It is essential the NHS is transparent about these incidents and failing or refusing to disclose that a data breach has taken place is unacceptable.”

Big Brother Watch feels that the NHS does not have a robust data security policy in place to ensure patients’ privacy is protected. It is of the opinion that such cases are going to keep increasing as more and more NHS staff members are going to get access to the new computer database having patient information. This new database called ‘The Summary Care Record’ will provide GPs, hospital doctors and paramedics immediate data about patients, such as allergies or medications.

NHS guilty of data breaches. Patient data compromised

Incident at the Nottingham University Hospital NHS Trust

A member of medical staff took a photograph of a patient in bed and showed it to friends on the social networking site. Needless to say, the member was dismissed.

What is being said about tightening of data security?

Information Commissioner’s Office said: “We continue to work with organizations from across the NHS to improve the security of patients’ information and will consider taking action where it is clear that an organization has failed to meet its legal obligations.”

Health Minister Simon Burns added: “We have issued clear standards and guidance to the NHS about what needs to be done to keep patient records secure and confidential. Individual NHS organizations are responsible for ensuring their staff understand and follow that guidance.”

Hospitals can secure themselves with Alertsec

Organisations and hospitals have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they have gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Alertsec Xpress’s Check Point Full Disk Encryption is used by over 4 million users worldwide.

Tracking software helps track laptop thief

August 22nd, 2011

MacBook Pro stolen from an ex-FBI employee

Of all people, this laptop thief had to rob an IT security specialist and former FBI and NASA employee!

Interesting story ahead

When Greg Martin, an IT security specialist and former FBI and NASA employee, returned home late at night, he was shocked to find his house burgled. His laptop, a MacBook Pro, and other valuables were stolen. The thief had used a scaffold pole to open the security bars on his basement window! But Martin did not react the way most of us would. Had we been in his place, we would have panicked, right? Well, this guy is a former FBI employee and had installed a tracker on his laptop. So he knew that sooner or later the thief was going to get caught.

More about Greg

Greg Martin runs a blog called InfoSecurity 2.0. Is it not ironic to be stealing a laptop from a security guy? Apparently Martin had installed an open source tracking software called Prey on his computer. According to the product’s website, the software “lets you keep track of your phone or laptop at all times, and will help you find it if it ever gets lost or stolen.”

What happened later?

Martin registered a case of stolen laptop and waited for the thief to surface on the Internet. Two days later he received an email – that meant the thief had logged on to his machine. With the help of the tracking software Martin was able to get a clear picture of the user, as well as details of the IP address and wireless network that he was using and his location. As if Martin needed more, he was able to capture a screenshot of the user when he was logged into his Facebook thus giving away his name and the school that he had been to.

The thief is caught

Martin passed on this valuable piece of information (Facebook screenshot) to the London police who tracked down the thief in no time. Martin lived in an affluent neighbourhood where robbery is a rare phenomenon. The thief was hoping to take advantage of the fact that there were riots in the city and that the Police would be too occupied to look into a laptop theft.

Details about the thief

The thief was an 18-year-old young man by the name of Soheil Khalilfar. The police raided his apartment and recovered the laptop. It was later returned to Martin.

Martin’s wish

“My hope was I was going to watch him being arrested from my laptop camera — that would have been the perfect ending. But they arrested him when I was on the plane back to London,” Mr Martin said.

Tracking software from Alertsec

The above case is a classic example of why security software needs to be a part of any laptop/computer. Your laptop is practically your life. It contains valuable data like financial documents, passwords to important files, business deals etc.

Alertsec Xpress offers computer protection software from Check Point as a fully customizable and pre-packaged data encryption software solution.
