tagged w/ personally identifiable information
-
We know of sites tracking and despite denials to the contrary Facebook has been tracking information.
Google/Yahoo have also been accused of retaining information for a month.
Now the tracking seems to be done through the ‘Like’ Button.
Safety conscious Internet users are likely to avoid using this Button, thus denying the Links traffic.
Unwittingly the sites are resorting to actions that instead of increasing traffic are indirectly contributing to reduction in traffic.
Of course they, for the time being, might have temporary monetary advantage by using this information by selling personal information.
If Internet users become more Security conscious, the information sharing sites may be cooking their own goose unless they keep on devising new methods to steal personal information.
As an aside,why is it that negative news about Facebook is being brought out systematically in torrents of late?
http://ramanan50.wordpress.com/2011/05/20/facebook-tracks-you-through-like-button/We know of sites tracking and despite denials to the contrary Facebook has been... more
-
-
-
An important consideration with information security incidents is identifying if personally identifiable information - PII - is involved. If it is, then the privacy breach response team needs to be put into action to determine whether or not an actual privacy breach occurred. I’m always interested in hearing the challenges and unique situations they run across as they not only create their plans, but also for how they execute them. Here are three of these situations, often overlooked and not planned for, but experienced by organizations.
http://information-security-resources.com/2010/02/08/perplexities-of-enterprise-privacy-policies/An important consideration with information security incidents is identifying if... more
-
-
-
Businesses need to scrutinize the information security and privacy programs and practices of vendors and other business partners, and the cloud computing tools, applications and services should be viewed no differently. If your business is entrusting critical processing and data to another entity, you should first ensure it is trustworthy, secure and will meet your organization’s compliance obligations…
http://information-security-resources.com/2010/01/20/on-privacy-and-cloud-computing-challenges/Businesses need to scrutinize the information security and privacy programs and... more
-
-
Do surviving relatives have a right to read their deceased son’s, daughter’s, husband’s or wife’s communications with other people whose lives could then subsequently be completely altered as a result? What would your email service providers do with all your messages? Who should make that decision, and when should that decision be made?Do surviving relatives have a right to read their deceased son’s,... more
-
-
Many internal clouds will run on the back of VMware, but not all, and VMware alone will not satisfy all of the business’s requirements for running an effective internal cloud. Why not? I can think of several reasons…Many internal clouds will run on the back of VMware, but not all, and VMware alone... more
-
-
The first major hurdle that must be addressed to ensure information security and privacy policies are implemented and managed properly is that of upper management support. Beyond upper management buy-in, there are six other critical factors that will determine whether or not security policies are effective.The first major hurdle that must be addressed to ensure information security and... more
-
-
If you own the business, you own the strategy and execution and you can not outsource accountability. Be careful about falling for the siren song of technology – it is there to support your business, not define it.If you own the business, you own the strategy and execution and you can not outsource... more
-
-
QSA’s (auditors) policing the PCI-DSS (credit card data security standards) need to adjust their mindset when auditing virtualized card processing infrastructure…QSA’s (auditors) policing the PCI-DSS (credit card data security standards) need... more
-
-
Any business, of any size, in any industry, in any location, is a possible target for PII theft and cybercrime if they possess any type of employee, customer or other consumer PII. Most businesses have PII. All businesses with PII need to make sure they provide due diligence to protect that PII.Any business, of any size, in any industry, in any location, is a possible target for... more
-
