RFID Proving Useful Against Theft
Radio frequency identification (RFID) technology is higher-profile than ever, and is being used in an ever-expanding number of applications. Here are two examples just from today's news:
Exam papers get RFID tags
Examination board Edexcel, London, is starting to add RFID tags to exam papers in an effort to stop students' work from going missing.
The company sent out 620,000 bags of exam papers last year and received around 70 reports of security breaches.
High-Tech Solution Catches DVD Thieves
DVD counterfeiting and piracy cost content creators and disk sellers billions a year in lost revenues. But even as the industry scrambles to get a step ahead of the digital thieves, a low-tech form of larceny -- the snatching of packaged DVDs from stores, warehouses and other points along the supply chain -- continues to yield losses "on the same order of magnitude," says Paul Atkinson, president and CEO at Kestrel Wireless, Emeryville, Calif.
Atkinson says, "10 to 15 percent of the disks -- especially newly released films -- shipped [annually] in the U.S. are believed to be stolen."...
New Burglar Alarms Hazardous to Responders
The International Association of Fire Chiefs, Fairfax, Va., is concerned about a new burglar alarm system that deploys dense smoke to incapacitate an intruder. The systems are sold on the premise of protecting a property by having a blinding smoke screen quickly fill an area when a burglar alarm is activated. In turn, the blinding smoke may likely activate a smoke/fire alarm; this would precipitate a fire department response.
Chief Alan Perdue, chair of the IAFC Fire and Life Safety Section, brought the new alarms to the attention of the IAFC board of directors, saying that several national franchise businesses are reportedly installing this type of system....
Small Firms Warned Of 'Security Apathy'
The National Cyber Security Alliance (NCSA), Washington, DC, has called on small businesses to fight " security apathy."
The US-based non-profit organization warned that hackers and identity thieves are increasingly targeting small businesses.
According to the NCSA, a recent FBI study found that 90 percent of small businesses had suffered at least one cyber-security incident within the past year, yet most small businesses are not doing enough to protect their businesses or customers.
"Even though small businesses recognize the need to make cyber-security a priority, many are intimidated by the perceived resources needed to implement the right security plan," says Ron Teixeira, executive director of the NCSA....
Book Series Offers Guidance to Non-Security Professionals
The Security Executive Council is offering business professionals a set of guidebooks to help them perform investigations of workplace misconduct.
When allegations of inappropriate behavior surface, the first corporate representatives notified are often not security professionals. In these cases, the responding personnel may find themselves in the unfamiliar territory of assisting in or even executing an investigation. The Response to Misconduct Allegations series by John D. Thompson provides practical guidance to non-security professionals who must play a role in investigations of inappropriate workplace behavior.
...
Thumb Drives: How They Hurt Security
According to a recent study from Centennial Software, United Kingdom, IT managers said portable storage devices, such as thumb drives and MP3 players, have surpassed even malware to become a top security concern.
The study, which polled 370 IT professionals, showed that 38.4 percent of IT managers say portable storage devices are their top security concern. That's up from 25.7 percent in 2006.
...
Thumb Drives: How They Help IT Security
Nearly 60 percent of businesses acknowledge that they have experienced at least one major IT security breach over the last six months -- up significantly from security breach data of three years ago, when major security breaches in six-month periods were under 40 percent. The question is, how do we make IT security more robust and at the same time, easier to use?
There have been robust security solutions in the marketplace for years that could capably combat many of the new and emerging security breach scenarios that companies are experiencing -- but companies have not widely implemented the solutions. One problem has been ease of use. ...
Fla. Police Chiefs Adopt Alarm Model Ordinance
Florida has set another "first" in its efforts to manage burglar alarms and enhance public safety. Last month, the Florida Police Chiefs Association (FPCA) passed a resolution to adopt a Model Alarm Ordinance. The ordinance will be used by police chiefs across the state to develop and/or revise their jurisdiction's alarm management programs. It serves as the nation's first model alarm ordinance developed by a state police chiefs association.
The Security Industry Alarm Coalition (SIAC), Frisco, Texas, and the Alarm Association of Florida (AAF) helped FPCA develop the ordinance. Last year all three groups supported a legislative bill that made Florida the first state in the country to fully enforce a statewide statue known as Enhanced Call Verification (ECV).
...
ADT Security Services: An Authorized Provider For Cisco
ADT Security Services, Boca Raton, Fla., has achieved the Physical Security (PhySec) Authorized Technology Provider (ATP) status from Cisco Systems Inc., San Jose, Calif.
The ATP designation recognizes ADT for its ability to provide the advanced technical skills and lifecycle services required to deploy Cisco network-based physical security solutions targeted to a range of industries.
This new diverse set of Cisco solutions now offers end-users the ability to seamlessly integrate with, displace or forgo expensive video surveillance transmission, matrix switch and distribution amp products historically used to connect cameras to security operation centers and various recording devices....
Research Suggests Data Loss Could Lead To Corporate Collapse
McAfee Inc., Santa Clara, Calif., has released a report titled "Datagate: The Next Inevitable Corporate Disaster?" revealing a widespread belief that a major security breach, even an unintentional one, could lead to the collapse of a major corporation.
The global research, conducted for McAfee by Datamonitor, New York City, surveyed more than 1,400 IT professionals at companies with at least 250 employees in the United States, the United Kingdom, France, Germany and Australia.
Thirty-three percent of respondents said they believe a major data loss incident involving accidental or malicious distribution of confidential data could put them out of business....
Report Recommends Better RFID Security
Organizations that use RFID devices should systematically evaluate potential security and privacy risks posed by the technology, U.S. government officials say in a new report detailing best practices for retailers, manufacturers, hospitals and federal agencies. RFID raises unique security concerns because, unlike a desktop computer or most devices overseen by a company's network security crew, a single RFID tag may be handled by multiple organizations.
"When you go into RFID, the chain of custody is different," says Tom Karygiannis, lead author of a 154-page report released by the Department of Commerce's National Institute of Standards and Technology (NIST). "We're talking about a global supply chain. You're working with suppliers, manufacturers, retailers; different organizations may have possession of the merchandise that has the RFID on it throughout the life cycle. This raises new privacy and security risks."...
Security Groups Provide Campus Safety Statistics
In the wake of the Virginia Tech shootings, parents and students are seeking information on campus security as well as pushing security groups to release information about past incidents on campus.
Security on Campus, a nonprofit advocacy group, says a number of high schools are asking for copies of the group's "safety audit," a printed guide to help seniors evaluate campus safety along with other factors as they make their college choice.
Experts emphasize that there is no way to anticipate an event like the Virginia Tech shooting, but that the two big issues highlighted -- campus mental health services and security -- are topics every student should care about....
Companies
Mergers & Acquisitions Universal Protection Service, Santa Ana, Calif., is under new ownership. Brian Cescolini and Steve Jones became the sole owners...
Employee Performance Review May Have Sparked NASA Shooting
Houston police believe a bad performance review might have led a NASA contractor to fatally shoot his co-worker and take another employee hostage before killing himself, according to CNN.com.
Houston Police Chief Harold Hurtt said Saturday that an e-mail critical of an employee's work set Friday's events in motion at Johnson Space Center in Houston.
The gunman, a contractor identified as Bill Phillips, received an e-mail from NASA employee David Beverly last month. The e-mail detailed Phillips' "job deficiencies" and outlined a plan for improvement....
New Study Reveals Password Vulnerabilities and Concerns
A large percent of IT and security executives across different industries have a growing concern over the use of password security, as more sophisticated network threats and breaches continue to evolve, according to findings of a new research initiative by DigitalPersona, Redwood City, Calif.
The study, titled "Secure Your Network Assets," was conducted in conjunction with the Business Performance Management (BPM) Forum, an organization that helps advance the understanding of business performance management techniques, technologies and processes in global enterprises.
The research collected responses from IT and security professionals to demonstrate that password security issues, especially the sharing of passwords among colleagues, can be critical or disastrous to a company and lead to network data breaches. ...
'Hacker Boot Camp' Teaches IT Security Tactics
A new training course offered by Philadelphia-based Training Camp, a company that provides accelerated learning courses for IT professionals, is helping students learn to protect their companies' computer systems -- by breaking into them, reports The Philadelphia Inquirer.
The weeklong "Hacker Boot Camp" helps its students, who work for corporate IT departments, understand how hackers think and determine what makes systems vulnerable.
"Want to create a fake record in a database? Want a $1 million account with your favorite bank? We can do that," instructor Steve Kalman says. ...
'Copycat' Threats Keep Schools On Edge After Campus Shooting
The FBI says that law enforcement agencies across the nation have received numerous "copycat" threats against schools since the April 16 Virginia Tech shooting, according to CNN.com.
The FBI logged nearly a dozen school threats last week in the three days following the shooting.
Schools in New York, New Jersey, Minnesota, California, Washington and Texas were among those receiving threats.
The bureau says authorities are doing everything they can to figure out who is responsible....
FCC Strengthens Privacy Rules To Prevent Pretexting
The Federal Communications Commission (FCC) has strengthened its privacy rules by requiring telephone and wireless carriers to adopt additional safeguards to protect the personal telephone records of consumers from unauthorized disclosure. The safeguards help prevent unauthorized access to customer proprietary network information (CPNI), also known as pretexting.
According to the FCC, pretexting is defined as the practice of obtaining someone's personal information under false pretenses. Pretexters can sell that information to people who may use it to obtain credit cards, steal assets, to investigate someone or even sue them....
Miami Investment Firm Aims To Build Security Empire
Trivest Partners, a Miami-based private equity firm, has decided to build "one of the largest privately held security businesses in the United States," reports The Miami Herald.
According to the story, security guards have a "tremendous" advantage as business opportunities: the positions cannot be outsourced.
''With the advent of Homeland security, this appears to be an important part of our society for many years to come,'' says Trivest partner Jamie E. Elias. "It is not susceptible to outsourcing trends. It is not going to China or India because customers want the physical presence of a security guard walking the premises.''...
Multi-Faceted Approach Works Best Against School Violence
Violence has shaken many schools across the country. More than two dozen school shootings have occurred since the school year began; yet there is hope. Communities are banding together to protect their children. Schools are working on many fronts to curb aggression and keep students out of harm's way.
There is no magic answer to keeping violence out of schools. It requires a multi-faceted effort from administrators, staff, parents and students. Available strategies include peer mediation and conflict resolution training, video analytics in school "hot spots," and teaching students how to use the Internet safely.
Numerous methods are available for defusing conflicts before they erupt....
Network Security Is Top of Mind For Executives
Network security is regarded by executives as the single most important attribute of their network, according to the results of a global survey conducted by the Economist Intelligence Unit (EIU) for AT&T.
The research reveals that 52 percent of executives now believe that having a converged network gives their companies better defense against IT security breaches.
Furthermore, nearly 70 percent feel that IP helps ensure business continuity following an emergency....
Fired Wal-Mart Security Technician Tells Of Spying Operation
Wal-Mart's security efforts were thrust into the spotlight when a fired technician alleged he had been part of a large surveillance operation that spied on company workers, critics, vendors and consultants, reports the Associated Press.
The company has defended its security practices.
Wal-Mart has declined to comment on specific allegations made by 19-year veteran Bruce Gabbard to a Wall Street Journal article published April 4. The company reiterated that it had fired Gabbard, 44, and his supervisor in March for violating company policy by recording phone calls and intercepting pager messages....
Atlanta CNN Center Security Reviewed
Security at the Atlanta CNN Center tourist attraction is being reviewed after a man accused of killing his ex-girlfriend there April 3 was apparently able to bring a gun inside undetected, the Associated Press reports.
The complex houses the network news channel's headquarters.
Metal detectors were installed at entrances to CNN Center after the Sept. 11th terrorist attacks, but they were later removed after the threat level diminished.
"Whenever an incident does happen, we develop lessons learned and we will be doing that over the next few weeks, both short-term and long-term," says Alec Fraser, whose duties as president of Turner Properties include overseeing CNN Center security....
Voice-Over-IP Can Complicate Schools' Enhanced 911 Systems
Schools should have accurate, location-specific enhanced 911 (E911) systems on campus. Regardless of any legal liability or regulatory reasons that may compel these systems, safety concerns are more than enough to justify them.
Now, with the availability of IP-enabled telephone networks, education institutions are on the cusp of a revolution in the way campus E911 programs are managed, according to an article in the February 2007 issue of American School & University, a sister publication.
Colleges and universities, with sprawling campuses and many on- and off-campus buildings networked back through the primary PBX switch, present particular challenges for 911 systems. Often, the remote sites need to route to a public safety answering point (PSAP) other than the main PSAP, compounding the difficulty of determining the exact location of an emergency caller....
Shopping Centers Present Intractable Security Challenges
Shopping centers remain among the most readily accessible targets for both terrorists and garden-variety criminals, recent industry studies confirm.
Since 1998, more than 60 attacks have taken place at shopping centers around the world, according to "Reducing Terrorism Risk at Shopping Centers," a report produced by the RAND Corp., a non-profit think tank headquartered in Santa Monica, Calif.
Last December, the FBI arrested a man for allegedly planning to set off grenades at the 783,167-square-foot CherryVale Mall in Rockford, Ill....
Experts Agree That Encyption Is Key to Enterprise Data Security
A new survey of information security executives indicates that enterprise encryption is vital for the protection of sensitive data.
Enterprise encryption is defined as the persistent encryption of sensitive data stored on any device within an enterprise, including servers, storage devices, desktop computers, POS systems and mobile devices, such as laptop computers and USB drives.
BitArmor Systems Inc., Pittsburgh, an enterprise encryption vendor, conducted the survey among attendees at MIS Training Institute's 2007 InfoSec World Conference and Expo in Orlando held March 19-21....
