OpenSec

Maricopa County asked:


Federal documents obtained under a Freedom of Information Act request reveal that two divisions of the Department of Homeland Security – charged with assuring the integrity of U.S. borders and the safety of residents – lost nearly three computers every day for a year.

But an official statement assures citizens that no “sensitive” data was lost.

A report on the computers, which were designated as “lost” or “not found during physical inventory,” was issued by the Independence Institute in Golden, Colo., after it obtained the federal paperwork.

Federal agencies also “lost” several computer switches valued at some $90,000 apiece and a multitude of vehicles, including a truck worth about $116,000.

But Jon Caldara, president of the institute, said the absence of documentation about the information on the missing computers is what is most alarming. “You can’t lose thousands upon thousands of computers and make a blanket statement there was nothing of value on any of them. The fact that they’re gone means you can’t make that statement,” he told WND.

“I see the Department of Homeland Security here more as the Department of Insecurity.”

He said if the agency could prove there was nothing of value on the units, “then terrific, then they’re just being wasteful and careless.”

But he questioned how the government can be so sure there was nothing significant, citing the scandal over missing computers and allegations of purloined nuclear secrets at the Los Alamos National Laboratory some years ago.

The report by the Independence Institute’s Todd Shepherd revealed that for fiscal year 2008, inventories from the Immigration and Customs Enforcement and the Customs and Border Protection divisions show employees collaborated to lose no fewer than 985 computers.

The Customs and Border Protection division documented lost, stolen or damaged equipment (1,975 pieces) worth some $7.5 million. For ICE, it was 1,547 items worth $5.8 million.

Officials with the Department of Homeland Security did not respond to a WND request for comment.

“When I look at these inventories with my own eyes, page after page, I still think there’s a good chance that we’re dealing with some significant security breaches, and possibly insider theft,” Caldara said in the report from the institute on the situation.

The report said Caldara had written to DHS Inspector General Richard Skinner seeking an investigation for the losses.

http://www.wnd.com/index.php?fa=PAGE.view&pageId=126218

What about this 3 Homeland Security computers lost daily valued at some $90,000 apiece 116,349 Truck missing,40 “personal radiation detectors”; three 14-inch LCD panels, each valued at $5,000-plus; four entire computer sets, identical in cost at $5,741, and 10 Dell Optiplex computers, among many other items ?

tina n asked:


1. What are the company’s major information security
threats?
2. Develop a security awareness training plan for employees
and franchisees.
3. Which Internet-based data backup plans should be
used?
4. Review data retention requirements for various types of
records.impact of security, disaster planning, and data retention:
Meredith (President and Owner) “I never
realized that security and disaster planning involved
everyone in the company. I thought I could leave it all to
Abe, but now I see that everyone needs to be aware of our
plans, which might impact multiple departments.”
Suzanne (VP of Studios) “I now know that we
need to focus on the role of our employees in handling
disasters.”
Leda (VP of Franchises) “Our franchisees are
always calling me for information. I usually never question
the identity of the person at the other end of the line.
Now I am implementing a method for verifying that the
person is an actual franchisee.”
Mitch (VP of Bead Bar on Board) “I use passwords
to protect my notebook computer and PDA. In the
past I always used my birthday and I never changed my
password. Now my password is complicated, using letters,
numbers, and punctuation.”
Julia (Chief Financial Officer) “We are
increasingly relying on information systems to process
financial data. As the CFO, I need to work with Abe to
ensure our data retention requirements are met.”
Miriam (VP of Marketing and Sales) “My
department regularly gives out marketing information to
other managers and studio employees. We need to
develop a system to ensure that only people who should
have access to this information, get this information.”
Rachel (VP of Operations and Purchasing) “I
am in the process of working with Abe to develop a comprehensive
disaster recovery plan. He will handle the
computer systems aspect, but I need to determine what
each of our employees should do in the event of a disaster.
I am also working to ensure that we have multiple
vendors for all our important products. Finally, physical
security is part of my responsibility. So I am reviewing our
physical access controls.”
Jim (Director of Human Resources) “My
main objective is to develop a security and disaster recovery
training plan for our employees. In addition, Rachel
and Abe would like me to work with temporary companies
to fill key positions in the event of a disaster. Abe has
also asked me to implement specific policies as they
relate to security and disaster recovery.”
Abe (Chief Information Officer) “I’m working
on an information security plan that includes technical,
procedural, and educational approaches. This plan
will touch multiple departments. I need to work with Julia
on data retention, Rachel on disaster recovery, and Jim on

Energizeer asked:


I’m writing an essay about computer security within business.
I’m structuring it under the main topics of:
Hardware
Software(Malware, viruses…)
Physical(The server room)
& Network(Internet…)

Can you guys give me suggestions of subtopics of stuff that I could be missing etc…
Thanks!

Rita Gergi asked:




Security in the IT world is not just about locks and closed doors, there are two main types of security when it comes to technology. Physical and Logical security describe the differences between hardware and software.

With physical security, such as computers and the components within, surveillance and locks must be in place to prevent these things from being stolen or tampered with. In the sense of logical security, such as software and programs, error proofing and proper usage techniques must be implemented to prevent vulnerabilities that could harm the logical and physical aspects of the devices and its security. Also, logical security is vulnerable to outside attacks, whereas physical security must be palpable, logical systems are bound to interact with the internet and thus are exposed to many possible attacks. A friend to logical security is good monitoring practices and a properly installed firewall.

In the case of Structural failure such as a building collapse or other elements contained within a structure it can do harm to both physical and logical components of a network. The most important security idea pertaining to structure security is making sure you have a secure building, this falls within Location analysis. By finding a proper location structural damage can be minimized by choosing a zone with minimal natural disasters.

If a structural failure were to occur many components could be disabled including severed wires, which would create a logical gap in the network, and with a failing structure, pipes could break and fires could occur creating more physical damage.

Deek Landon asked:




By now most computer owners have learned that they need to have some sort of internet security software installed on their computer. This is the first level of keeping viruses and intruders out of your computer but a computer owner can’t rely on this as their only means of PC security. It is critical that a person learns the basic rules for keeping your system secure. A person needs to learn tips about physical security, software viruses, and data protection.

A security tip that is often looked over is the location and accessibility of your computer. It should be in a protected home or office building with some type of locks and security alarm. Along with the physical security of your computer equipment, the network gear should be locked up in a closet somewhere. This is due to the fact that if a evil-intending person gains access to your computer, then all security measures have been done for naught.

A second rule that computer owners should abide by is focusing on keeping your data secure. This is done by scheduling back ups of each hard-drive that you own. Oh, by the way, make sure you have multiple copies of the backups and be sure to keep them in separate locations. Encrypting your data is also a very important method to keeping your information safe. There are new tools on the market that encrypts the data while hiding the data from any curious eyes that do not have permission.

A strong antivirus firewall software is necessary to helping you with computer security. This software helps in defending viruses, worms, trojan horses, adware, and malware. It will be well worth the money; you will never be sorry for owning this type of internet security software.

This handy security tips are very basic but they are often the ones that were overlooked when a virus attack becomes successful. Abide by these simple tips and you may save yourself hours of frustration, wasted time, and money.