Posts Tagged ‘Information Protection’

h1

More Demands on Cell Carriers

July 13, 2012

In the first public accounting of its kind, cellphone carriers reported that they responded to a startling 1.3 million demands for subscriber information last year from law enforcement agencies seeking text messages, caller locations and other information in the course of investigations.

The cellphone carriers’ reports, which come in response to a Congressional inquiry, document an explosion in cellphone surveillance in the last five years, with the companies turning over records thousands of times a day in response to police emergencies, court orders, law enforcement subpoenas and other requests.

While the cell companies did not break down the types of law enforcement agencies collecting the data, they made clear that the widened cell surveillance cut across all levels of government — from run-of-the-mill street crimes handled by local police departments to financial crimes and intelligence investigations at the state and federal levels.

AT&T alone now responds to an average of more than 700 requests a day, with about 230 of them regarded as emergencies that do not require the normal court orders and subpoena. That is roughly triple the number it fielded in 2007, the company said. Law enforcement requests of all kinds have been rising among the other carriers as well, with annual increases of between 12 percent and 16 percent in the last five years. Sprint, which did not break down its figures in as much detail as other carriers, led all companies last year in reporting what amounted to at least 1,500 data requests on average a day.

With the rapid expansion of cell surveillance have come rising concerns — including among carriers — about what legal safeguards are in place to balance law enforcement agencies’ needs for quick data against the privacy rights of consumers.  Source

Advertisements
h1

Cloud Computing: Managing File Transfers in the Cloud: 10 Points to Demystify the Process

May 14, 2012

Managed file transfer is a well-accepted way for organizations to share business files point-to-point, quickly, reliably and securely. This is a subject that requires attention, especially when it comes to thorny issues, such as enterprise security and compliance. MFT uses different types of applications to securely transfer data from one computer to another. This small but important area of IT management earned attention in recent years after IBM bought Sterling Commerce for more than a $1 billion, and MFT specialist Ipswitch merged with Message Way. Over the years, despite having lost a bit of its novel cachet, MFT is as effective as ever. But now, due to greater demands for the secure transfer of data through cloud systems, MFT is being refreshed as it morphs and expands to play a critical role in moving large data sets (the so-called big data)—as well as traditional business files—through the cloud. Here, eWEEK offers some key data points about MFT, the cloud, and big data. Our expert source is Robert Fox, director of B2B/EAI Software Development at Liaison Technologies in Alpharetta, Ga. Liaison Technologies cleanses and validates business data for master data management purposes and securely integrates and manages complex business information on-premise or in the cloud. Read More

h1

Top 10 managed file transfer considerations

April 11, 2012

 1. Platform Openness – To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed on the server operating system where the sensitive data and applications reside. If your corporate data mostly resides on the IBM X, then it would make sense to get a MFT solution that runs on the IBM X.

2. Authorization Controls – To meet many compliance regulations, the MFT solution must provide role based access to limit user access to certain servers or MFT functions based on user credentials.

 3. Secure FTP – Plain FTP is not secure. The MFT solution must support both SFTP (FTP over SSH) and FTPS (FTP over SSL) protocols for secure FTP transfers.

 4. Encryption Standards – At minimum, the solution should support the industry standard encryption standards: AES, Open PGP, AS2, SSH, SSL, TLS and S/MIME.

5. Database Integration – The MFT should readily connect to DB2, SQL Server, Oracle, MySQL and other popular database servers for extracting and inserting data.

6. Data Transformation – Is the ability to translate data between popular data formats including XML, CSV, Excel and fixed-width text formats.

7. Data Compression – Compresses and packages data using popular standards such as ZIP, GZIP and TAR to reduce transmission times.

8. Application Integration – The MFT should provide commands and APIs for interfacing with your applications.

 9. Scheduling – Allows transfers and other MFT functions to be scheduled for future dates and times.

10. Key Management – Does the MFT include management tools for creating, importing and exporting keys and certificates?

h1

New EU Data Laws: Cloud Brings Increased Risk Of Massive Fines

April 4, 2012

That was the warning delivered by Vinod Bange, a top London-based IT lawyer, as the EU proposes new laws to penalise data breaches.

Bange said: “Regulatory sanctions have gone way off the scale in terms of what we are used to right now. The sting in the tail, which did not exist before, is that there is a provision to calculate a fine that is based on a percentage of annual global turnover. That’s big news and a big change.

“Organisations have moved on so much since the original legislation in 1995. In this globalised, outsourced, social media, cloud driven environment, you could end up with a third tier fine.”

The EU is proposing three tiers of fines, the first of which runs up to £209,000 or 0.5 per cent of turnover, the second up to £418,000 or 1 per cent of turnover. The top tier allows for a fine of up to £837,000 or 2 per cent of turnover.

The latter could be a potentially massive fine to the tune of hundreds of millions, with tier three penalties relating to international data transfers. Businesses using the cloud, and data centres across the globe, could be more vulnerable to this massive whack of a fine.

Currently, the ICO’s maximum imposition for those who aren’t careful with their data is a £500,000 penalty.

Source: Computerworld

Read more: http://www.itproportal.com/2012/04/02/new-eu-data-laws-cloud-brings-increased-risk-of-massive-fines/#ixzz1r2Ox2ptx

h1

Biometric market set to grow to $14.685 billion by 2019.

March 26, 2012

Frost & Sullivan has carried out a new assessment of the global biometrics market that predicts 2010 revenues of $4.49 billion will increase to $14.685 billion by 2019. Universal adoption of biometric passports will be the driving force in this growth as so-called eGates are implemented at borders around the world. Portable devices used by the police and the military will also become increasingly common in the fight against crime and terrorism, according to the report. Frost & Sullivan also suggests that biometrics will be almost universally adopted in the identification of citizens through IDs, driver’s licenses and healthcards complete with biometric capabilities. Research analyst Krzysztof Rutkowski explained: “The civil and military biometric market will be highly influenced by the universal adoption of biometric passports. This will pave the way for the adoption of other measures, such as eGates, that will enhance the biometric possession experience.”

h1

Google wants to serve you ads based on the background noise of your phone calls

March 23, 2012

Just when you think that we’re pretty tech savvy, companies like Google and Nokia file outlandish “forward-thinking” patents that make you feel like we’re all in a Star Trek episode. In the case of Google’s latest patent, it makes us feel like we’re in a police state.

The patent discusses the technology to analyze the background noise during your phone call and serve up ads for you based on the environmental conditions Google picks up on.

 

h1

Reading Over Your Shoulder: Social Readers and Privacy Law

March 19, 2012

Margot Kaminski has an article in Wake Forest Law Review. Online that begins:

My friends, who are generally well educated and intelligent, read a lot of garbage. I know this because since September 2011, their taste in news about Justin Bieber, Snooki, and the Kardashians has been shared with me through “social readers” on Facebook.[1] Social readers instantaneously list what you are reading on another website, without asking for your approval before disclosing each individual article you read. They are an example of what Facebook calls “frictionless sharing,” where Facebook users ostensibly influence each other’s behavior by making their consumption of content on other websites instantly visible to their friends.[2] Many people do not think twice about using these applications, and numerous publications have made them available, including the Washington Post, Wall Street Journal, and Guardian.[3]

Footnotes

  1. See, e.g., Ian Paul, Wall Street Journal Social on Facebook: A First Look, Today @PCWorld Blog (Sep. 20, 2011, 7:02 AM), http://www.pcworld.com/article/240274/wall_street_journal_social_on_facebook
    _a_first_look.html.
  2. Jason Gilbert, Facebook Frictionless App Frenzy Will Make Your Life More Open, Huffington Post (Jan. 18, 2012), http://www.huffingtonpost.com
    /2012/01/18/facebook‑actions‑arrive‑major‑changes_n_1213183.html.
  3. See The Washington Post Social Reader, Wash. Post, http://www.washingtonpost.com/socialreader (last visited Feb. 26, 2012); Press Release, The Guardian, Guardian Announces New App on Facebook to Make News More Social (Sept, 23, 2011), available at http://www.guardian.co.uk/gnm
    -press-office/guardian-launches-facebook-app; Paul, supra note 1.