The Black Hat USA 2013 conference, which kicks off tomorrow in Las Vegas, brings together the brightest minds in IT security each year — those who are responsible for perpetrating and protecting against the latest hacks and vulnerabilities. And not a second too soon, since every week seems to usher in another security catastrophe. This week’s shocker was the outing of a hole in mobile device SIM cards, by Karsten Nohl, the founder of Security Research Labs in Berlin
HIPAA Omnibus Rule: New Penalty system with steeper fines
The passage of HIPAA Omnibus Rule heralds a new era of accountability for organizations that fall under the category of ‘business associates’ to a healthcare provider. The new rule has made some sweeping changes to the penalty system applied to each HIPAA violation category.
HIPAA Omnibus Rule: Should your organization’s IT department fret over it? — Part II
In the first part of this 2-part blog , we saw the update about the HIPAA Omnibus Rule and the deadline for compliance (September 23rd). Now, let’s analyze the before & after of this new rule, and if it really applies to you. (Check out the examples given for better understanding.) The Scene Before HIPAA Omnibus… Before this law was enacted, it was the responsibility of healthcare providers (hospitals, clearinghouses, insurance companies, etc.) to report to HHS about any breach into the protected health information (PHI) that they store. And they had to comply with the detailed HIPAA Privacy Rule and HIPAA Security Rule in order to show that the PHI had been properly safeguarded, and not been exposed or manipulated.
Voices that matter – Identity and Access Management
Lately, the digital identities of users have evolved into playing a significant role in specifying how users interact with computer networks, thus making the IAM programs more and more complex. Identity and Access Management has become one of the most celebrated, and at the same time, dreaded term in IT management. In the present days of cutting-edge technology, IAM has evolved into a branch of science and has been perceived as a very difficult process
Tracking Workstation Logon/Logoff using ADAudit Plus
Before getting into the specifics, I would like to give a small introduction on tracking Logon / Logoff in Active Directory environment, which is a cumbersome process. Auditing the Windows Active Directory environment Logon Auditing With the current Windows architecture it’s difficult to get all logon data at a single point