Archive for the ‘PII’ Category

NY State vs Microsoft customer data disclosure update 4

September 25, 2015 1 comment

A quick follow-up to my blogs of May 2015 here, September 2014 here and July 2014 here, where the NY State court is trying to compel Microsoft to hand over emails from one of their servers in Ireland. The case is still ongoing, and recently went through a session with the appeals court – you can find the rough transcript online.

In it the two sides argue the legal difference between warrants and subpoenas, and whether our emails should be considered “the business records of a company”.

This far-reaching case will have ramifications for governments and service providers whichever way it goes – Microsoft argue that if it goes against them, that means Russia will be able to obtain records from US Mail.ru servers without the US government having a say, and the US government argue that if they lose, companies can simply offshore their customers’ data to block US Government inspection.

Which way do you think it will go? Comment below.


Got (wiki)Leaks? Call a McAfee (DL)Plumber…

November 30, 2010 Leave a comment

With the current news fracas regarding the latest WikiLeaks disclosures, which have reached a pretty interesting juncture with Congressman Peter King asking for WikiLeaks and its founder Julian Assange to be declared “Terrorists and spies”, I thought I’d add my fire to the flame and say quite bluntly –

McAfee can help you protect your information!

Yes, you would not believe it but monitoring for inappropriate disclosure of sensitive information is bread-and-butter stuff to us. Read more…

5 Steps To Data Protection Nirvana..

November 5, 2010 Leave a comment

This week as many of you know I’ve been working out of our South African office in Johannesburg, and in particular presented 4 sessions at the McAfee Executive Summit here.

ITWeb, who co-sponsored the event, were kind enough to give me a writeup on their site which you can enjoy at your leisure.

Thank you though to all the customers and partners who came to see us and made the event such a success!

Speaking on “Celebrations”, Seattle on 26th August…

August 4, 2010 Leave a comment

No, I’m not talking about weddings or the like; Celebrations is a rather beautiful boat that sails around Lake Washington. McAfee have booked her out for a private tour. Attendance is by registration only, but if you think you might like to come you should approach your McAfee account manager.

Bon Voyage!

Speaking at “The Security Standard Conference”, NY on 13th September

August 4, 2010 Leave a comment

For those who follow me around, I’ll be speaking at “The Security Standard” on September 13th 2010. It’s only a short spot but I’ll be introducing some new information about McAfee’s unified DLP solution, and talking briefly about data protection regulations.

Details of 100,000,000 Facebook users aggregated for download…

July 28, 2010 3 comments

This week BBC news posted an interesting story:

Personal details of 100m Facebook users have been harvested and published on the net by a security consultant.

Ron Bowles used a piece of code to scan Facebook profiles, collecting data not hidden by the user’s privacy settings.

Time to panic maybe? Well, not perhaps if you keep reading:

The list, which has been shared as a downloadable file, contains the URL of every searchable Facebook user’s profile, their name and unique ID.

Not perhaps so bad then, given the name and URL of every Facebook user is already available within Facebook itself – I mean if you are searching for someone, you could go to the Facebook page, type their name in, then see a list of people with pictures etc, or, you could use this offline data set and just get their URLs and IDs.

I guess it’s useful if you want to translate a Facebook ID into a name, but for me, this is a bit of a blown-out-of-proportion non-event.

Maybe I am missing something?


Mexico Passes data-leak prevention law…

July 22, 2010 Leave a comment

Effective as of July 6th 2010, the new Ley Federal de Protección de Datos Personales en Posesión de los Particulares, or “Federal Law for Protection of Personal Data held by Private Persons”, enforces obligations of disclosure, and has penalties and fines. Companies must act on requests for information about personal data held, and can deny transfer of data and request deletion.

A great writeup by Roumiana Deltcheva can be found on MessageingArchitects.com, and you can get the full text of the law from the Senado site (though in Spanish of course).

Data Protection Projects – Where to start?

April 28, 2010 Leave a comment

One common question I get asked when I speak on Data Protection is “what do I do first” – it’s an interesting topic because although my presentation is exactly about what most people should do, and in what order, everyone and every organization is different and one size absolutely does not fit all.

In my presentation I talk about “5 Steps to Data Protection Nirvana”: Read more…

Copiers give up secrets…

April 28, 2010 Leave a comment

This interesting report by CBSNews highlights the problem of not paying attention to how data leaks occur. CBS News worked with a small company who specialize in Digital Copier Security to show how easy it was to obtain sensitive data.

By simply going to a used copier supplier and buying 4 random machines at a cost of around $300 each (without knowing who their previous owners were), they were, within an hour, able to retrieve thousands of page prints of sensitive data including: Read more…

Countrywide Financial’s Data Loss leads to $20m class action suit…

April 14, 2010 17 comments

Following on from the Countrywide Financial data breach back in 2008, they now find themselves saddled with a class action lawsuit for $20,000,000.

Countrywide Financial’s problems all started when employee Rene Rebollo confessed to downloading 20,000 data files per week and selling them to Wahid Siddiqi for as much as $70,000 (a total of 2.2 million people’s information was compromised), this leading to Bank Of America (their new owners) paying $350,000 to Connecticut to settle claims.

The terms of the class action can be found on http://www.cwdataclaims.com, but they include up to $50,000 reimbursement per incident of identity theft from a fund of $5,000,000, free credit monitoring, $90 for opening a new account, $20 per month, up to $200 for credit monitoring, $10 per hour for telephone calls etc, and many other miscellaneous things.