Posted by Daryl Rinaldi on Mon, Jan 18, 2010 @ 06:18 PM
Data privacy is a hot topic these days. The new privacy regulations (201 CMR 17:00) by the Massachussetts Office of Consumer Affairs and Business Regulation are going into effect March 1st, 2010. These regulations cover any business that stores personal information about Massachusetts residents. Your Boston-area IT Support firm or IT Department should be knowledgeable on the specific requirements of the regulations. Some important things to consider:
- Even if you don't collect customer personal information, if you keep your employees' Social Security Numbers then you are covered by these regulations.
- There is no technological silver bullet. These regulations require you to adopt certain business practices now.
- You have to create a Written Information Security Program (WISP).
- You have to appoint an Information Security Manager to maintain the WISP.
- As part of the WISP you must inventory reasonably foreseeable security risks and the WISP should address those risks.
- The first step is to actually inventory the personal information (see our white paper for the definition of "personal information") your company keeps. You may be surprised at all the places this information resides.
- These regulations apply to personal information on paper as well as in electronic form. If you don't already have locking filing cabinets you should get them now.
- The regulations have some specific requirements about your computer systems, your password security, and data encyption. Download our white paper for a more detailed discussion of the computer system requirements.
GizmoFish has prepared a helpful White Paper called "10 Things You Must Know About the New Massachusetts Data Privacy Regulations." Click -> here to download this paper
Posted by Daryl Rinaldi on Sun, Dec 20, 2009 @ 12:47 PM
Did you know according to a recent study by Dell and the Poneman Institute that:
- Up to 12,000 laptops are lost or stolen in U.S. airports each week.
- Between 65 and 70 percent of lost laptops are never reclaimed.
Think any important, sensitive business data could be on those laptops? Yea, me too. OK even though I'm sure this could never happen to you (ahem) here are 4 quick tips from our friends at Sunbelt Software makers of our absolute favorite Anti-Virus/Anti-Spyware Program VIPRE, about how to protect yourself just in case...
- Computrace: If you are familiar with LoJack for your car there is one available for your laptop as well. Computrace LoJack for Laptops by Absolute Software is a software-based theft recovery service. It tracks and locates stolen computers and lets you remotely wipe all data from the hard drive.
- Passwords, Passwords, Passwords: Pretty commonsense advice here: Don't make them short and simple (Think pass-phrase, not pass-word); change them regularly, and don't share them with strangers. Be sure your laptop requires a password or a fingerprint scan to log on. We strongly suggest you automate and secure the many passwords you use with my personal #1 favorite piece of software ever: RoboForm. RoboForm encrypts and stores all your passwords for you so you only have to remember 1 password and it remembers all the rest. Cool huh?
- Be Watchful: Observe your surroundings. I don't mean to sound paranoid but there are serious thieves who specialize in stealing laptops (especially when going through airport security). Watch for those watching you. You don't have to be weird about it, just stay alert.
- Not All Wi-Fi Is Created Equal: Look for legitimate hotspots and not fall prey to some nefarious doings. It is better to pay a fee and be safe than try to log in where you don't belong. Better yet get an aircard for your PC that lets you get online using the cell phone network anywhere that gets reception -no more hunting around for a wi-fi hotspot!
Posted by Daryl Rinaldi on Tue, Dec 15, 2009 @ 12:40 PM
Scam Alert!
Be careful about scam emails offering urgent security updates from Microsoft. These emails try to trick you into downloading dangerous malware (viruses or spyware). Microsoft does NOT send unsolicited emails and they do NOT send attachments. If you have automatic updates turned on your PC will download them automatically. You won't get an email from Microsoft about it.
Your IT Support Vendor should have you well-protected with:
1. A fully-monitored anti-virus and antispyware system
2. 24/7 monitoring of your network for unusual activity
3. A fully-monitored complete backup system so that you can recover even if a virus wipes out your critical business data.
With these 3 layers of protection in place you are well-protected even if you inadvertently download something you shouldn't.