Two recent Blog posts (by Kearns and JBohren) refer to a damning number - the high percentage of orphan accounts that exist in most applications and most large organizations. An “orphan” is an account that belongs to some person who’s left the organization (or never existed in the first place). It can’t be [...]

Filed under: Identification, Legal, Provisioning, Security | 1 Comment »

Yesterday, I was fed up with my password mess. I had too many passwords, and despite my “method,” I was losing track of them all. I decided to work on upgrading my method. I started out looking for a replacement “password vault.”
Here are my requirements:

is highly secure, using accepted standards (i.e. - [...]

Filed under: General, Legal, Privacy, Security, encryption | 9 Comments »

Funny story of the day…
Ever heard of LifeLock? They describe themselves as an “Identity Theft Protection” service. LifeLock put out a commercial where the CEO hands out his social security number to random people on the street, and puts it on billboards, sides of trucks, etc. Never seen it? Check out [...]

Filed under: Identification, Legal, Privacy, Security | No Comments »

In the tragic case of a 13-year old MySpace user who committed suicide from online bullying, the AP reports in this article that Federal Prosecutors have indicted the accused “bully” on one count of conspiracy and three counts of “accessing protected computers without authorization to obtain information.”
That latter charge is based on the fact that [...]

Filed under: Anonymity, Identification, Legal, Privacy | No Comments »

In the hierarchy of security, keyloggers were once considered small potatoes. The threat was deemed unlikely, and almost fanciful. Not anymore. Keyloggers are everywhere. For those new to the area, a keylogger does just what it sounds like — records keystrokes — which can then be played back. [...]

Filed under: Legal, Privacy, Security | 2 Comments »