The megaupload bust
My daughter was distressed yesterday after the Feds shutdown the megaupload file sharing site – “How am I going to see all those series and Korean movies I love? It’s not fair!” The FBI have been after Mr Dotcom for 8 years. His big problem was not the file sharing but his other criminal activities. […]
Clinical trials in the cloud
Ben Baumann from Akaza and Open Clinica fame, recently blogged about clinical trials in the cloud. Ben is pitching the relatively new offering from Akaza called Open Clinica Optimized hosting that offers quick startup using validated Open Clinica instances and resources on-demand on a SAS-70 compliant platform. As Ben noted that in the clinical research field, […]
Anatonme – a hand held device for improving patient-doctor communications
From a recent article in Healthcare Global. Studies suggest that 30-50 percent of patients are likely to give up treatments early. Microsoft Research has developed an innovative, hand-held medical device called Anatonme to help patients understand their issue and complete their treatment plan more often. We’ve been doing research and development into private, controlled social […]
Beyond the firewall
Beyond the firewall – data loss prevention What a simple idea. It doesn’t matter how they break into your network or servers – if attackers can’t take out your data, then you’ve mitigated the threat. Data loss prevention is a category of information security products that has matured from Web / email content filtering products […]
Why web application security is fundamentally broken
Web application security in the cloud View more presentations from Software Associates
Are passwords dead?
A recent article on CSO online ponders the question of whether or not passwords are dead – since they are not much of a security countermeasure anyhow (or so the article intimates). The article quotes a person who seems to believe that SQL injection attacks have to do with password security. Christopher Frenz, CTO at […]
Data Classification and Controls Policy for PCI DSS
Do you run an e-commerce site? Are you sure you do not store any payment card data or PII (personally identifiable information) in some MySQL database? The first step in protecting credit card and customer data is to know what sensitive data you really store, classify what you have and set up the appropriate security […]
Good customer service is key to good customer security
My friend Nissan Ratzlav-Katz starting blogging about customer service in Israel and how tolerant many of us have become to sub-standard and even really crappy customer service. An objection I’ve heard frequently to Google Apps is that they don’t give customer service – although I would argue that great products delivered that work on a global scale […]
Free risk assessment of your web site
With all the news about credit card breaches, there are probably a lot of people scurrying about trying to figure out the cheapest and fastest way to reduce the risk of some Saudi hacker stealing credit cards or mounting a DDOS attack on their web site. I have written here, here and here about how […]
Why data security regulation is bad
The first government knee-jerk reaction in the face of a data breach is to create more government privacy compliance regulation. This is analogous to shooting yourself in the foot while you hold the loaded weapon in one hand and apply band-aids with the other. Democracies like Israel, the US and the UK have “a tendency […]
