A Gartner analyst has posted “a few thoughts about Amazon and the enterprise”. She starts by blasting SAS 70 for weakness and then holds up yesterday’s Amazon ISO/IEC 27001 certification announcement as a totally different standard. I too am a fan of the ISO process and have used it for many years with many organizations. … Continue reading Amazon, ISO 27001 and Deception →

Larry Ponemon has released a study of 65 organizations, which he used to extrapolate that patient data breaches cost hospitals $6 billion per year 70% of healthcare organizations said that protecting patient data was a low priority; 67% of organizations said they had less than two staff members dedicated to data protection management. A majority … Continue reading Low Confidence in Patient Record Security →

The scanner in question was not used for air travel. Perhaps even more ironic, it was in a courthouse. Gizmodo took a cue from an EPIC lawsuit (PDF of complaint to the US DoJ) and filed a Freedom of Information Act (FOIA) request for 35,000 images saved by this one scanner under odd circumstances. Their … Continue reading Body Scan Images Leaked →

A day after launch the BBC quoted the engineering manager in charge of the messages product. He was not optimistic: I think we will have a little bit of an adoption problem…We’ve noticed that even for us, it takes a week or two before you really grab on and get this system. What really happens … Continue reading Facebook Messages Adoption Problem →