Early on in my information security career I was auditing a firm that conducted complex economic analyses for their clients. They processed a lot of personal information and they wanted to be sure they were applying appropriate controls to safeguard that information. Part of their business model was to charge their clients per hour for […]
FOR IMMEDIATE RELEASE HALOCK Investigation finds that 25% of sampled colleges and universities are putting student and parent private financial data at risk
I received an email last night from my online video rental provider that they were compromised and that my personal information may have been stolen. I immediately thought that this was a “phishing” scam and deleted the email. With all the compromised data in recent years though, Sony, and Barnes and Noble to name a […]
The Massachusetts law 201 CMR 17.00 that forces US organizations to protect the PII of Massachusetts residents went into its final enforcement phase on March 1, 2012. By that date, no exceptions, businesses that send Massachusetts-based PII to vendors (service providers) needed to require in providers’ contracts that they will also abide by the law.