Speaking of Security – The RSA Blog and Podcast

One of my recent blogs was called ‘Taking me with me’ where I talked about the concept of having all my personal information held somewhere securely which I could access and allow others like government bodies, medical professionals, financial institutions etc. to access for ‘one time transactions’ only. The idea was that you are in possession/control of your own personal information and could make an informed decision as to with whom and where you share that information.

One of the great things about traveling is the interesting folks you meet. That’s true not only in meetings and conferences and such, but also on the plane. I’ve had fascinating conversations many times with the people sitting next to me — sometimes about computer security, as when the director of consulting at Verisign and I spent hours talking during a long transatlantic flight. But often the conversations are on wide-ranging topics far removed from security.

We are a funny lot in Europe, guarding our privacy and more importantly the privacy of our data is of paramount importance.   The protection and privacy of personal data is a fundamental right within the EU. According to the Digital Agenda for Europe, concerns about privacy are among the most frequent reasons for people not [...]

Geolocation has been talked about a lot in IT circles in recent years. It’s one of those terms that means different things to different people, so it could be storing data in a particular place or it could be tracking some data or tracking an identity (person or machine). Scott Charney, Corporate Vice President, Trustworthy Computing at Microsoft discussed the concept of geolocation in his keynote. He used an interesting example of using GPS and tracking an individual and the types of data that can be obtained by doing that.

Googling yourself is an important exercise in order to understand what others can find about you. I constantly stress that security will always come down to the individual – how it comes down to you. If you don’t know what others know, how can you protect yourself, your life, your job, your career?

In Dr. Larry Ponemon’s recent eGRC and Data Privacy study, the Ponemon Institute, LLC independently surveyed 190 Archer eGRC Community members to examine the challenges they face in meeting eGRC and data protection objectives. One of the challenges that Dr. Ponemon notes is the need for collaboration between the Legal and IT teams to handle incidents as well as validate compliance to ever-changing regulations.