Data Held Hostage

Be careful about your web based HR systems.

An online patient care system has denied over 100 doctors access to their patient's accounts. According to one customer-doctor, there was nothing in her contract that said she would lose access to her patient data if she didn't pay for technical support. When the company raised the technical support from 1,200.00 to 5,000.00, she didn't renew and her access was then promptly cut off.

It would be pretty disruptive if you lost access to all your employee records.

August 09, 2006 in Security, Technology, Workplace Issues | | Comments (0) | TrackBack (0)

Workplace Privacy - Not!

A recent federal court case ruled against an employee claiming his surfing habits at work are private. The employee was director of operations and was busted for downloading obscene material at work. The judge in the unanimous decision stated:

Social norms suggest that employees are not entitled to privacy in the use of workplace computers, which belong to their employers and pose significant dangers in terms of diminished productivity and even employer liability.

He said other courts have consistently ruled that employers are entitled to monitor their workers' use of computers as long as they had disclosed that policy to their workforce.

A key element in this case was the fact that the company did notify all employees prior to the incident that:

  1. Their computers were company property.
  2. They were not to be used for personal activity,
  3. and they were subject to monitoring.

The court sited a 2001 American Management Association study that found more than three quarters of American firms monitor employee communication on the job, both email and phone.

The judge summed up with, "Employer monitoring is largely an assumed practice."

August 09, 2006 in Security, Technology, Workplace Issues | | Comments (0) | TrackBack (0)

Fake MySpace Page

A Human Resources guy went to MySpace to create a profile and found an account under his name already, complete with photos and friends. The only catch is they weren't him or his friends and they were filled with "vulgar and erroneous statements" about him and his company. He had to threaten legal action before MySpace would take it down.

Moody tried to contact MySpace.com about the page, but he initially encountered some problems.

"They said, 'We can't help you because you don't have an account.' But I threatened legal action and within 48 hours, I got another e-mail stating that the profile had been deleted," he said.

Experts suggest inserting your name in a search engine and if a profile appears on a site you didn't establish, have it closed as soon as possible.

July 28, 2006 in Security, Workplace Issues | | Comments (0) | TrackBack (0)

MIT Site Hacked

Technology Review, the magazine from MIT, had its website hacked tonight. Links on this page, like the one labeled "A Clue To Living Longer," redirect to a geocities page with the following URL: "http://www.geocities.com/mr_lord_sadler/own.txt" and displaying the following:

Hacked By Mr.CrackerZ

July 28, 2006 in Security | | Comments (0) | TrackBack (0)

Stop Identity Theft

Stop_identity_theft_1The FTC has a two page brochure on how to prevent identity theft (pdf) called Deter, Detect, Defend. This would be a good thing to post in the workplace and print out for each employee. Here is more information on the Deter, Detect, Defend program. Both links provide tips on safeguarding your ID, monitoring your credit card activity to detect ID theft, and what to do if you suspect a problem.

July 24, 2006 in Security | | Comments (0) | TrackBack (0)

Stop Junk Mail

Security Want to stop all those credit card offers in your mail box? Want to make it less easy for identity theives to steal your ID's? The Federal Trade Commission explains how to stop credit card offers. Here is the site for opting out. You can opt out for 5 years or forever or back in again. Opting out does not affect your credit card score.

July 24, 2006 in Security | | Comments (0) | TrackBack (0)

Banned At Work: Laptops, USBs, iPods

Usb_drive 49% of Canadian firms ban personal laptops and USB devices for security reasons. 30% ban MP3 players like iPods. Although 22% of Canadian companies do offer remote access to their corporate intranets, security concerns are the main reason cited for not providing remote access.

July 19, 2006 in Office Gadgets, Security | | Comments (0) | TrackBack (0)

Imposters Dupe Company Into Releasing Data

Security_1 Someone pretending to be an officer of the victimized companies was able to get ADP to give out investor data for those companies. Fidelity said 125,000 customers were affected. UBS and Morgan Stanley were also affected.

An unauthorized party impersonated officers at an undisclosed number of public companies to obtain investor information between November 2005 and February 2006.

Link

July 10, 2006 in Security | | Comments (0) | TrackBack (0)

Spy Camera Detector

Spyfinder Spy cameras are very cheap and very common. They are planted in public places,Camera_detector offices, rental units, restrooms, changing rooms. You can protect your facility and your employees from this illegal spying with these small and inexpensive devices that detect hidden cameras. Prices are around $99.00 and are sold under the name SpyFinder. The image on the right shows how hidden cameras look in the view finder (the white dots).

June 29, 2006 in Office Gadgets, Security | | Comments (0) | TrackBack (0)

Smart Phishing Gets Us All

Security A new study at Harvard shows that 90% of participants were fooled by fraudulent phishing attempts. Phishing is using fake websites and tactics to trick people into entering passwords or other sensitive information. They discovered that the existing security in browsers is ineffective because they are ignored, misunderstood, or easily spoofed. They are proposing a new and clever idea: use a secret image that only the user knows as the background for username, password entry. If the image is not there, the user knows the site is fake. The concept is called Dynamic Security Skins.

June 29, 2006 in Security, Technology | | Comments (0) | TrackBack (0)

« Previous | Next »