ISACA Atlanta Chapter

Square Account

Wed, 24 Aug 2011 11:30:16 -0400

so… I am hosting a moving sale at my house this weekend, and I decided to take credit cards. I purchased a Square credit card reader. After rethinking this, I wondered how secure the gadget is and was happily surprised to learn that all data is encrypted and that they are PCI compliant!

Do you use the ” square”? How does it work for you?

GEEK WEEK Day 2

Tue, 23 Aug 2011 08:35:12 -0400

Today’s conference breakfast sponsored by MegaPath and Fortinet covers risk, compliance and security. Beginning in the 2000’s cybercrime from organized cyber-gangs to the sale of serviced such as bonnet rentals, malware distribution and technical support via social networks has become increasingly more complex!

Threats (advanced, persistent threats) are out there… And not just for notoriety, but for financial gain. What can be done to decrease your exposure to these risks? Malicious activity can occur within trusted applications…

Navigating the security landscape: connection security; application security and content security. Determine what your needs are - don’t let a vendor tell you what they are! whatever your needs, make sure you have complete content protection… Layer your security so that if one layer misses a threat another will catch it. The earlier you block the threat, the easier it is to control.

Look at all of your third party solutions (fixing one problem at a time) and try to consolidate… Most solutions (even from the same company) are not integrated.

Main thing to keep in mind: do what makes sense for your company! Review your environment and take the appropriate steps to mitigate risk based on your risk tolerance.

What things do you do to secure your company’s data?

Hacked in 60 Seconds: Thieves Could Steal Cars via Text Messages

Tue, 23 Aug 2011 08:06:51 -0400

Hacked in 60 Seconds: Thieves Could Steal Cars via Text Messages:

infoneer-pulse:

iSEC researchers Don Bailey and Mat Solnik claim to be able to hack their way into a securely locked car because its alarm relies on a cell phone or satellite network that can receive commands via text messaging. Devices connecting via a cellular or satellite network are assigned the equivalent of a phone number or Web address. If hackers can figure out the number or address for a particular car, they could use a PC to send commands via text messages that instruct the car to disarm, unlock and start.

One of the reasons this text-messaging approach is disconcerting is that text messages aren’t so easy to block, unless you don’t want to receive any texts (either to your car or phone). Google Voice, iBlacklist and a few others (including wireless carriers AT&T and Verizon) do offer some tools for filtering unwanted text messages.

» via Scientific American

How Will you Fare?

Thu, 21 Jul 2011 07:50:00 -0400

How Will you Fare?:

Some people have heard me say, “don’t post anything on the internet or through email that you wouldn’t want your grandmother to read…” This post is an example of why…

…Social Intelligence creates a report, which it would then send to an employer. And if you don’t get a job because of your social media report, you can request a copy. Mine’s filled with delightful details, like “subject admits to use of cocaine as well as LSD,” and “subject references use of Ketamine.”

Basically, I may never work again.

What would your report look like?

Small Dreams: This was my morning

Wed, 20 Jul 2011 09:59:00 -0400

Small Dreams: This was my morning:

This is what Brittney Watts, the beautiful young lady that was killed in the Midtown Shooting last Friday, posted in her blog one month ago - gives me chills!

foxwatts:

got up late

had nothing to wear

took a dark shower because both lights were out

had to go downstairs to dry hair because plug didn’t work

then realized the bathroom fuse was out

spent 5 minutes looking for my car keys

spent 5 minutes trying to lock the old-school door

spilled half mymy coffee while i was trying to lock the door

wreck on ponce, horrible traffic

could not find my key card to get into the parking lot

that was my morning.

But as I started typing this, I realized that i am not dying, my family is healthy, and happy, and when i have bad days/mornings, I realize my day is a dream compared to others who are suffering from much worse. that is all.

mycatellsworth: Sometimes all it takes is a Diet Coke to get...

Tue, 19 Jul 2011 07:56:18 -0400

mycatellsworth:

Sometimes all it takes is a Diet Coke to get your pep back. ~Meow~

I Remember when it was just the simplest things that made me happy… playing in the front yard with my Brother and Sister; going to Milford Swim Club and playing with friends, etc.

What makes you happy now?

More Than Mary Tumblr: The Great Steak Debate: What is the best way to cook it?

Thu, 07 Jul 2011 12:05:05 -0400

More Than Mary Tumblr: The Great Steak Debate: What is the best way to cook it?:

maryrambin:

I think 9 out of 10 men would agree grilling a steak is the best way to cook it.

Celeb Chef Tom Colicchiio is one man who disagrees. He told Esquire roasting is his preferred technique. Interesting…and helpful! If you’re like me and want nothing to do with a grill, then having a roasted steak…

COBIT 5 Framework

Thu, 07 Jul 2011 09:46:40 -0400

The latest draft of the next version of ISACA’s governance of enterprise IT framework—the COBIT 5 Framework—is provided here for your review and feedback. This foundational COBIT volume introduces the following that combine to provide a comprehensive, effective framework to support the governance and management of enterprise information and related technology:

Principles
Drivers
Benefits
Enablers
Other aspects

The primary objective of this exposure is to obtain public input and comment regarding the completeness, quality and value of the development work undertaken. Please complete the short survey questionnaire below to provide your feedback on the work completed to extend, improve and advance ISACA guidance in this area. This online questionnaire will remain open until 31 July 2011.

The verdict is in

Tue, 05 Jul 2011 14:42:08 -0400

So, I usually don’t get into highly televised court cases; however, sometimes it is impossible to miss… The Casey Anthony verdict came out at 2:15pm EST today - see this Blog (thanks @CNN) for details.

What do you think about this verdict - did the jury get it wrong?

What will you try for 30 days?

Fri, 01 Jul 2011 15:55:26 -0400

What will you try for 30 days?

My Cat Ellsworth: Showered with Gifts

Thu, 30 Jun 2011 21:40:16 -0400

My Cat Ellsworth: Showered with Gifts:

mycatellsworth:

It kinda sorta actually happened! I had a kitty shower! In an earlier post, I mentioned how cool it would be (and very presumptuous) to have a kitty shower for Ellsworth. I never really planned on having one, but it was fun to think about. The wonderful people who gave me gifts didn’t know they…

Skype's Stock Options - the Why...

Mon, 27 Jun 2011 09:00:02 -0400

Skype's Stock Options - the Why...:

As a follow up to Friday’s post, here’s what Tech Crunch had to say:

Here’s the relevant language in the stock option grant agreement. It refers to a Management Partnership agreement which isn’t public and it’s unclear if employees ever get to see it (my guess is not):

If, in connection with the termination of a Participant’s Employment, the Ordinary Shares issued to such Participant pursuant to the exercise of the Option or issuable to such Participant pursuant to any portion of the Option that is then vested are to be repurchased, the Participant shall be required to exercise his or her vested Option and any Ordinary Shares issued in connection with such exercise shall be subject to the repurchase and other provisions in the Management Partnership agreement.

Vested or Not???

Fri, 24 Jun 2011 12:05:06 -0400

Vested or Not???:

THis article caught my eye this morning and made me wonder what your thoughts are about this? Was Skype right to recall the vested options?

90% of Business were breached in the last year

Fri, 24 Jun 2011 09:39:31 -0400

According to the SC Magazine article:

Fifty-two percent of breaches were caused by insiders, while 48 percent were the result of a malicious software download, 43 percent came from malware on a website and 29 percent from malware on social media. System glitches were responsible for 19 percent of breaches, while malware from text messages caused three percent.

What are you doing to prevent this?

Who knew this was possible?

Thu, 23 Jun 2011 09:32:12 -0400

Who knew this was possible?:

I may not be creative enough to pull this off, but it is amazing what can be done with an iPad…

Animator Shawn Harris picked up an iPad with the Brushes app on board and created a lively and colorful music video for the group Blush featuring Snoop Dogg. Who knew this was even possible? It’s the first music video created entirely using the Brushes app for iPad.

Can this new technology can turn an amatuer into a professional

Wed, 22 Jun 2011 08:51:59 -0400

Yesterday, the NY Times posted an article about a breakthrough technology for photography - it allows you to adjust the focal point after the picture is taken! I don’t know about you, but there are many shots that I have taken that are ruined because of my focal point.

“We see technology companies all the time, but it’s rare that someone comes along with something that is this much of a breakthrough,” said Ben Horowitz, co-founder of Andreessen Horowitz, a major investor in Lytro. “It’s superexciting.”

I am super excited for this technology also - I can’t wait for it to become mainstream!

Are you Stifiling Innovation to mitigate Risk???

Tue, 21 Jun 2011 11:04:57 -0400

Incoming #ISACA president Ken Vander Wal discusses risk and innovation in this new NACD Directorship article.

Innovation is a must-have for delivering growth and competitive advantage, but as corporate initiatives go, it also has one of the higher risk profiles. One of the most powerful enablers of innovation is information technology (IT)—especially with the rise of social media, collaboration software and trends such as “crowdsourcing.” For companies that want to innovate more—or more effectively—the practices underlying the governance of IT risk can be a very useful way to approach innovation. The pay-offs are increased stakeholder buy-in, few surprises in cost or timeline, and greater predictability about whether the outcome will be usable.

What do you do to help create an environment of innovation?

Would you take part in this trend?

Mon, 20 Jun 2011 09:42:33 -0400

I have to admit, I am a little confused by this New Trend of “flash robberies”. Using social media groups of 20 or more young people unite to rob stores… Really??? These youngins (yes, feeling very old writing this post) are caught on surveillance video participating in this illegal act. What is the point?

Let me know what you think.

Are they at it again???

Thu, 16 Jun 2011 07:36:00 -0400

It started with Sony - now it is the CIA… really, the CIA. Supposedly, the group responsible is not trying to do harm, they are exposing vunerabilities. Is this group trying to become the Big Brother Auditor?

The following was posted in the Washington Post:

At 5:48 p.m., LulzSec, which dubs itself “the world’s leaders in high-quality entertainment at your expense,” posted an alert on Twitter: “Tango down — cia.gov — for the lulz.”

What steps would you take to expose vulnerabilities?

Losing Faith in Facebook, One Security Setting at a Time

Wed, 15 Jun 2011 17:27:12 -0400

Losing Faith in Facebook, One Security Setting at a Time:

There goes Facebook again, igniting a privacy firestorm, this time on the cusp of the announcement of its $100 billion public offering. What’s firing people up this time? The site has been gradually releasing a new facial recognition feature, which has greatly concerned privacy experts and the public.

What does this new feature do? The tool, called “Tag Suggestions,” works as follows, according to Facebook: “When a user uploads new photos to his or her Facebook profile, the new feature then scans them with facial recognition software to match the people in the photos with other photos in which they have been previously tagged.” Tag Suggestions also provides users with group tagging — users can type a person’s name in, and then apply the assigned name to all photos of that person in the user’s profile, says a Facebook Blog post on the subject.