http://www.cloudpro.co.uk/cloud-essentials/cloud-security/5177/evidentio-encourages-startups-to-boost-aws-security By Clare Hopping Cloud Pro June 25, 2015 Evident.io has announced a startup and small business AWS Cloud Security platform to help those without a dedicated security resource ensure their Amazon cloud infrastructure is protected. Adrian Sanabria, an analyst with 451 Research, commented: “The rise of cloud computing has enabled small businesses to grow and thrive with affordable cloud infrastructure and powerful cloud-based tools, but it’s also created unprecedented security threats.” He explained that startups often set up multiple severs in the cloud before even thinking about the security implications this has, employing a security expert or buying even basic equipment for the office. It’s this ‘cloud-first’ attitude that can get organisations into trouble when it comes to securing their systems. “The biggest risk with cloud infrastructure, especially for ‘cloud-first’ businesses, is the management plane,” he commented. […]
http://healthitsecurity.com/news/a-review-of-common-hipaa-technical-safeguards By Elizabeth Snell Health IT Security June 26, 2015 HIPAA technical safeguards are just one piece of the larger health data security plan that covered entities and their business associates must put together. However, it is a very important aspect. Over the next few weeks, HealthITSecurity.com will discuss some common examples of all three HIPAA safeguards, and how they could potentially benefit healthcare organizations. Not all types of safeguards are appropriate or necessary for every covered entity. But by having a comprehensive understanding of what is required by HIPAA and the HITECH Act, and how various safeguards can be used, organizations will be able to identify which ones are most applicable. From there, they can create and implement the right data security protections for their daily workflow and ensure they maintain HIPAA compliance. As previously mentioned, HIPAA technical safeguards are an important part to keeping sensitive health data secure. Whether a small primary care clinic is debating health data encryption options or a large HIE is considering BYOD for employees, understanding the basics of HIPAA technical safeguards is essential. What are HIPAA technical safeguards? The HIPAA Security Rule describes technical safeguards as ““the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.” However, an important note is that the Security Rule does not require specific technology solutions. Rather, healthcare organizations need to determine reasonable and appropriate security measures for their own needs and characteristics. […]
http://risktech-forum.com/news/cybersecurity-a-global-legal-perspective-for-hedge-funds Hedgeweek 11 June 2015 The House of Representatives passed a new cybersecurity bill – the Protecting Cyber Networks Act (PCNA) – to allow file sharing between government intelligence agencies and private companies and raise the overall awareness of hacking. This is just the latest chapter in what is fast becoming a key narrative within the US, where cybersecurity legislation is being rolled out to address the growing sophistication of cyber attacks. Hedge funds are now becoming a more pronounced target and to that end, lawyers are requiring to get on top of the issues to advise their clients accordingly. Ed McNicholas is a partner at Sidney Austin LLP in Washington DC. He confirms that he has just finished a treatise for the Practicing Law Institute, the aim of which is to provide a legal guide on cybersecurity. It is due to be published in June. “The law here is developing rapidly and one of the biggest things that hedge funds need to do is to ensure communication between their lawyers and their IT staff on this issue. The lawyers have, for a long time, considered it to be an IT issue but they need to get up to speed on this,” says McNicholas. McNicholas sees three big tasks facing lawyers. The first relates to managing the information assets of a hedge fund. These are highly specialised vehicles and as such an intellectual step needs to be taken by law firms in realising that this is not an issue that pertains solely to personal data. Hedge funds have significant intellectual property – trading algorithms, investor details, proprietary research etc. In relation to cybersecurity, it is important to identify those assets and understand where and with whom the manager shares those assets. […]
http://healthitsecurity.com/news/coast-guard-needs-better-phi-security-says-oig-report By Elizabeth Snell Health IT Secutity May 21, 2015 The US Coast Guard (USCG) must do a better job in its PHI security measures, according to a recent report from the Office of the Inspector General (OIG). Specifically, USCG lacks a strong organizational approach to resolving privacy issues, the report stated, which leads to the agency having challenges when it comes to effectively protecting PHI. “We evaluated the safeguards for sensitive personally identifiable information and protected health information (privacy data) maintained by USCG,” OIG explained in its report. “Our objectives were to determine whether the USCG’s plans and activities instill a culture of privacy and whether the USCG ensures compliance with the Privacy Act of 1974, as amended, [HIPAA], and other privacy and security laws and regulations.” OIG outlined five areas that USCG needs to resolve in order to improve its PHI security: […]
http://www.v3.co.uk/v3-uk/news/2406304/windows-xp-government-support-deal-ends-leaving-pcs-open-to-attack By Dan Worth, Dave Neal V3.co.uk 29 Apr 2015 The government has not renewed its £5.5m Windows XP support deal with Microsoft despite thousands of computers across Whitehall still running the ancient software, leaving them wide open to cyber attacks. The contract was negotiated last year between Microsoft and the Crown Commercial Service (CCS), which is part of the Cabinet Office, to provide one year’s additional support after the general support deadline for XP expired. The CCS made it plain at the time that it would not renew the deal, and urged all departments to ensure that they migrated in time. “It is important to note that there are no plans to negotiate a further national extension of XP support beyond April 2015,” the CCS said in a letter to departments. “It is therefore essential that all NHS organisations put in place robust plans to migrate away from Windows XP, Office 2003 and Exchange 2003 by that date.” […]
http://www.ubergizmo.com/2015/04/what-elite-hackers-do-upon-encountering-an-imac/ By Tyler Lee ubergizmo.com 04/19/2015 When reading about malware and hacks on computers, most of the time it involves Windows-based machines. This isn’t to say that other platforms and computers, like Apple’s OS X, isn’t invulnerable, it’s just that all this stuff seems to happen to Windows users a lot more often than anyone else. That being said, that doesn’t mean that computers like the iMac are considered “safe”. In fact recently during an Infiltrate conference that was held over last week, Business Insider spoke to the attendees and found that for the most part, most of the hackers that attended the event did not want to have anything to do with the iMac in their room. Apparently this was due to the iMac being easily commandeered by a skilled hacker if that situation arose. This also led to the attendees coming up with ways to make sure that they could not be spied on by the iMac’s camera. In one case, what the person did was turn the iMac to face the wall, unplug it, and for good measure, toss a towel over it to ensure complete privacy. […]
http://www.networkworld.com/article/2902506/security0/cash-it-security-threaten-nasa-deep-space-network-operation.html By Michael Cooney Layer 8 Network World March 26, 2015 Money needed for upgrades to older equipment and IT security issues continue to drag on NASA, according to a report issued this week by the space agency’s Office of Inspector General. The report focuses on NASA’s Deep Space Network, which through variety of antennas and transmitters at communications complexes in three locations: Goldstone, California; Madrid, Spain; and Canberra, Australia provides space missions with the tracking, telemetry, and command services required to control and maintain spacecraft and transmit science data. NASA’s international partners also use the Deep Space Net. > From the OIG report: “Much of DSN’s hardware is more than 30 years old, costly to maintain, and requires modernization and expansion to ensure continued service for existing and planned missions. Although DSN is meeting its current operational commitments, budget reductions have challenged the Network’s ability to maintain these performance levels and threaten its future reliability. Specifically, in FY 2009 the Network implemented a plan to achieve $226.9 million in savings over 10 years and use most of that savings to build new antennas and transmitters. However, in FY 2013 the NASA’s Space Communications and Navigation (SCaN) Program cut the Network’s budget by $101.3 million, causing DSN to delay upgrades, close antennas, and cancel or re-plan tasks. […]
Keep your lawn green this summer!
The following five steps will allow you to significantly improve your lawn while saving a tremendous amount of water use throughout the year. The following five steps only take about 30 minutes across the entire year in order to properly improve your specific situation. The simple fact is you do not need to kill off your lawn in order to save significant amounts of water and contribute to the efficiency of water use within California.
By implementing these steps I personally experienced more than 30% reduction in my water use while my neighbors stood in awe of how florescent green my lawn was. When I showed my water bill and the savings to my neighbors they were in complete disbelief because they believed they had to kill off their lawn by reducing their water use to all zero but quite in fact this is not necessary. With proper maintenance, a lawn and your entire yard needs only a fraction of a the water necessary to keep it green and beautiful when you are not properly caring for it.
Step 1. Follow the sun (and the weather).
Often, many of us pay attention to the weather in order to select the right clothing for the day. However many of us ignore the fact that our lawns also need you to adjust your care according to the weather and the amount of sun your lawn will receive. So it is important to note what the weather will be like and the temperature ranges that your lawn will be experiencing along with you during the day.
Step 2. Penetrate your soul (leverage an aerator).
This simple little tool can be used to significantly change the absorption rate of water for your lawn. Imagine that you don’t aerate your lawn, without aeration the water sits on the top layer of soil and if you have a hill or sloped lawn it rolls right off only permeating the very top quarter-inch layer of topsoil. The goal for water efficient lawn is to maintain deep penetration of water into the topsoil and the only way to perform this without overwatering is through aeration. Aeration also has other benefits such as delivering nutrients further into the soil towards the roots of your grass. This is the single most effective way to reduce water usage and it only takes five minutes with this tool found at Home Depot at the following URL: http://www.homedepot.com/p/Hound-Dog-Steel-Spike-Aerator-HDP37/202605484
Step 3. Renew your body (sprinkle some seed).
Re-seeding is an essential step to keeping a quality lawn. Over time and age lawn degrades and the blades of grass simply don’t have the same luster as they once had similar to humans and aging. So it is important to re-seed on a regular basis usually in the springtime. There are many types of seed and you should try and match the type of seed that you already have if at all possible so that you can maintain the look the you desire. For me a simple fescue mix from my local Walmart or Home Depot was sufficient to maintain my own grass in the look that I desired.
Step 4. Take some vitamins (fertilize!).
The next step after aeration is to ensure that your grass has quality nutrients delivered directly to its roots, just like our bodies need vitamins so to do grasses and other shrubs we plant our yards. A simple $10-$15 fertilizer sprinkled across your lawn is sufficient to provide nutrients for almost 6 months and significantly improve the health of your lawn and provide for a florescent green and healthy color. This step takes only minutes once every six months. Ideally you can spread fertilizer with the same handheld spreader you use for the seed.
Step 5. Adjust your clocks! (water at the right time of day).
The final step in this process is to adjust your watering habits or your watering system to accommodate our newly renovated lawn. An unhealthy lawn without these maintenance techniques requires 2 to 3 times as much water, leading guidance from common Internet sources to claim watering must be 8 to 10 minutes per day in order for the desired look. However I have found that For my environmental conditions in Northern California, quite honestly a healthfully maintained lawn only needs one third of the amount of water across to the majority of the year with only exceeding this amount in the highest temperature period of the summer months. The best watering times for grass are during the morning hours between 4 and 5 AM allowing sufficient soak time prior to the sun rising and evaporating the moisture. For my use I also run my water in the afternoon at around 5 PM, ideally you do not want a moist soil all night long to avoid bacteria and moss growth during the evening.
This is a photo of my lawn and my bill usage graph with an over 30% reduction (year over year) in my water use.