26May
“Disaster-Proof Your Business”
CNN Money (05/22/07) ; Dickler, Jessica
Small-business owners can take several simple and inexpensive steps to prepare their businesses and employees for the upcoming hurricane season, which is expected to be an active one. For example, companies should form a contact list for communicating with employees in the event that a hurricane strikes, and they should also create an emergency plan that covers several types of scenarios. Creating a phone tree or other process for communicating is also recommended, and all offices should have flashlights, a first-aid kit, battery-powered radio, bottled water, and batteries. Protecting corporate data can be accomplished by using a back-up device to store data in a remote, safe location. This data can be stored on a flash drive, disk, or similar device, and the stored data should include contracts, inventories, and orders. The data should be backed up on a daily or weekly basis. An Office Depot survey released May 22 finds that 71 percent of businesses lack a disaster plan, and 18 percent do not back up any data. The survey also finds that 52 percent of businesses say they copy their data to a removable media device, but just 11 percent store the backup data at a remote site.
(go to web site)
20May
For entertainment and lessons in access control and electronic security see
http://www.avenueofthegods.com/WordPress
Â
18May
“Ask the Auditor: Guarding Against Employee Fraud and Theft in Health Care Organizations”
Employee Benefit News (05/07) Vol. 21, No. 6, P. 12 ; Denyer, Charles
Vendor fraud perpetrated by employees can be a major risk for many healthcare organizations, due to the overwhelming number of miscellaneous supplies they must order. Employees can commit vendor fraud by creating a small shell company, forging a bill for supplies to their employer, and then paying the bill in the employer’s name, thus transferring the funds to the shell company. This scheme is so simple for employees to carry out, which is why healthcare organizations need to take steps to identify the signs quickly. A complete list of vendors should be available so that any suspicious bills can be cross-checked against the list. Signs of a suspicious vendor include a post-office box address in a nearby ZIP code, an e-mail address from a free provider, and missing information in any electronic vendor-data records. Legitimate vendors are more likely to have reliable contact information.
(go to web site)
17May
Rate your security program in 90 seconds
With this tool in hand you can:
Determine your organization’s or departments security management maturity
Set a maturity target
Develop a prioritized outline of what to put in place to get there
It is an excellent tool for a corporate Security Steering Committee or Security Council.
http://www.thesecurityminute.com/sm_2007_03_28.html
Â
12May
“On the Verge to Converge”
Security Products (05/07) Vol. 11, No. 5, P. 40 ; Ting, David
A growing number of organizations are linking their building security systems with their network security systems in order to more strictly enforce employee behavior. Under a converged security system, an employee’s access to the organization’s IT systems can be denied if they do not use their security badges to enter the building. Organizations can also configure their networks to automatically query the building access system when the employee logs in to see if they have signed into the premises. Such a converged approach to security encourages correct user behavior, reinforces compliance with the company’s policy, and allows organizations to enforce policies against tailgating–the practice of an employee walking into the building at the same time as another employee who has already used their badge–without deploying a turnstile-based entrance system. In addition, linking an employee’s building access card with a user’s password allows organizations to implement strong authentication systems for staff without having to invest in two-factor authentication technology such as tokens or biometric readers. Finally, auditing and reporting is easier for organizations with converged security systems.
(go to web site)
07May
“Colleges Seek to Get Word Out Quicker”
Fox News (04/17/07) ; Irvine, MarthaÂ
The Virginia Tech massacre is prompting universities across the country to reassess their emergency communications capabilities. The first shootings at Virginia Tech took place at 7:15 a.m., but more than two hours passed before students received an emergency email alert from the school that simply stated that a shooting had occurred and to “be cautious.” Mitchell Celaya, assistant chief of campus police at the University of California, Berkeley, sees the need for an emergency communications system consisting of a siren on an outdoor public address system that would be followed by announced instructions. Other universities are making headway on similar systems. For example, the University of Cincinnati has a public address system that can be heard inside campus buildings, while the University of Florida and local police are collaborating on a system that automatically sends hurricane and tornado alerts to campus telephones. Texas A&M University uses the aforementioned communications systems and others. The University of Georgia and several other universities are testing a voluntary system that allows students to submit their phone numbers and email addresses to a Web site; emergency messages from the university are then sent via phone systems located outside the local area, so as to avoid jammed phone lines. Due to a murder-suicide, the University of Washington decided to add extra security in the form of a safety team that provides university staffers with extra security, even moving them out of offices when danger strikes.
(go to web site)Â
Recent Comments