Federal Data-Protection Law

November 24, 2009 — Mrs. Mecomber

On the surface, this sounds like good news. Basically, it’s a bill that would create a national standard for protection of data, and would require notification of breaches of sensitive data. Data breaches, data sharing, and data theft has become FAR too common, and businesses and the government have treated it very lightly. So, I’m hoping this new bill would help resolve it– of course, I’m also hoping the government hasn’t added a ton of pork or liberty-killing bills dog-eared with this bill. :-p

Federal data-protection law inches forward
The Personal Data Privacy and Security Act was approved by the Senate Judiciary Committee

A sweeping new bill that would implement a national standard for data protection and breach notification got a boost of support today from the Senate Judiciary Committee.

The committee approved the Personal Data Privacy and Security Act of 2009 (S.1490) by a vote of 15-5. The bill is now headed to the full Senate for consideration.

If it becomes law, the bill, which was introduced by Sen. Patrick Leahy (D-Vt.), would require companies and government agencies to follow specific rules for protecting sensitive and personally identifiable data.

Under the proposed law, all private and government entities handling sensitive data would be required to implement specific risk assessment and vulnerability testing measures. They also would be required to deploy measures for controlling access to sensitive data, detecting and logging unauthorized accesses to the data, and protecting data while it is in transit and at rest.

The bill would introduce a federal breach-notification standard under which companies would be required to notify not just individuals affected by a data breach, but also, in some cases, credit reporting agencies and the U.S. Secret Service. It would establish a new Office of Federal Identity Protection within the Federal Trade Commission and stiffen penalties for identity theft and related fraud.

The law would also provide notification exemptions for companies that have taken adequate measures — such as encryption — to protect sensitive data. Companies would also not be required to immediately disclose a breach if it would hinder a criminal investigation. But such exemptions would need to be vetted by the Secret Service. The law provides for penalties against executives of companies that willfully conceal a data breach.

Here’s hoping we see some change….

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]
Posted in crime, security news. Tags: , , , . Comments Off »

Hacking… For a Living?

April 21, 2009 — Mrs. Mecomber

This probably comes as no surprise in this day and age: could you or would you be able to make a living, hacking software?

I think it would be COOL!

I do a little “hacking” from time to time. Now, I’m not trying to access bank records or anything like that at all- but I’ve looked into cracking passwords, intercepting and filtering data, and I’m certainly interested in computer software, security news and database work Today, as the world and all its data is being digitalized, IT Security is more important than ever. There is a great need for computer experts and people who understand data and its languages. This is really great news for the moral computer geeks out there (the new term is “Ethical Hacking“) who more interested in using their computer skills to help mankind than to steal, kill, and destroy mankind. “Hacking,” for lack of a better term, can be very beneficial in today’s digital world.

And would you believe that there is a school, with instructors, who will help hackers-to-be learn skills and techniques? One such place is EC-Council. They offer online and live instruction in:

    -Security Fundamentals
    -Ethical Hacking
    -Penetration Testing
    -Computer Forensics
    -Disaster Recovery
    -Secure Programming

This looks fascinating to me! I would love to do something like this. I love learning about data and organization and how stuff works. And being a moral person, this kind of work is right up my alley. So how do you think “Ethical Hacker” would look on a resume? How about you? Would you ever get into a career as an Ethical Hacker, helping companies with computer security, discovering and finding weaknesses, or playing detective for leaking information or criminals? If you’re interested in becoming a Certified Ethical Hacker, or are the least bit curious about this new and growing kind of work, check out the website for more information.

Post?slot_id=36364&url=http%3a%2f%2fsocialspark

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]
Posted in crime, security news. Tags: , , , , . Comments Off »

Inside a Google Data Center

April 15, 2009 — Mrs. Mecomber

Ever wonder where it “all” happens? I found this really neat video about Google’s vast data center base, located in Mountain View, California. This is the Google-released video of their data centers tour. The guy speaks like he’s is from Upstate New York. Hm.

The next video is a compilation of photos with an independent narrator. The photos aren’t the greatest. But it’s another good look into the Temple of Google, the Master of the Internet, the Fate of the Blogs. :-p

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]
Posted in Google. Tags: , , . 2 Comments »
«
»