SecureID News reports that Disneys MagicBand IDs are a great success, having been used by some 80,000 attendees in 2014. The enhancement cost $1 billion and should open new revenue streams or enhance existing ones by EoY, 2014. I would expect an interesting increase in traffic over Disney’s backbone to keep up with near real-time response needed… Continue reading Disney Identity Starts With 80,000 Customers
Category: Information Security
Current Event: Are Privacy Bits Special?
Thursday (7/31/14), Microsoft was ordered by a US federal court to turn over e-mail that’s stored on a Microsoft server in Dublin, Ireland. The ruling was stayed, pending Microsoft’s appeal. The implication for Cloud companies based in the US (Microsoft’s Azure and Office 365, Evernote, Apple’s iCloud and Google’s Gmail to name a few biggies) is that… Continue reading Current Event: Are Privacy Bits Special?
What Are Controls (Safeguards)?
Controls are logical mechanisms applied in an effort to reduce risk. This may feel vague because the term is primarily an abstract, logical entity that has specific implementations and humans like more concrete, implementable things. Architecturally these entities sit at the logical layer but have concrete instances that are implemented by contextualizing the qualities of… Continue reading What Are Controls (Safeguards)?
New Paradigm, Same Old Humans
In the last two weeks three major Cloud Service Providers (CSPs), Evernote, Feedly & Code Spaces, endured Distributed Denial of Service (DDoS) attacks. For Code Spaces the attacks continued, changed tactics & caused that company to close. Who doesn’t make use of distributed services these days? From Facebook to Feedly to Evernote. We keep our… Continue reading New Paradigm, Same Old Humans
What is Compliance?
I read and hear the term “compliance” used liberally in infosec, often without a clear context. The graphic above is intended to illustrate some business drivers such as statutory laws, regulatory agencies (e.g. GAO’s HIPAA), industry-imposed requirements (e.g. PCI DSS), customers’ and shareholders’ expectations (some of which are legally and contractually required). These plus other… Continue reading What is Compliance?