Sunday, February 09, 2014 | Washington Post
Tuesday, January 28, 2014 | Dark Reading
Monday, January 20, 2014 | CNN
Wednesday, January 15, 2014 | PBS NewsHour
Sunday, January 12, 2014 | ABC News
Friday, January 10, 2014 | Huffington Post
Thursday, December 19, 2013 | LA Times
Thursday, December 19, 2013 | ABC News
Thursday, December 19, 2013 | CSO Online
Friday, December 06, 2013 | Dark Reading
Monday, December 02, 2013 | WEWS Newschannel 5
Tuesday, November 05, 2013 | NPR WCPN Cleveland
Wednesday, October 30, 2013 | CBS Philadelphia
Wednesday, October 30, 2013 | MedCityNews
Wednesday, October 23, 2013 | WKYC Channel 3 News
Friday, October 04, 2013 | CSO Online
Monday, September 09, 2013 | Dark Reading
Friday, September 06, 2013 | 24X7 Magazine
Tuesday, August 27, 2013 | CBS News.com
Thursday, August 15, 2013 | CSO Online
Wednesday, August 14, 2013 | Politico
Monday, July 29, 2013 | 95.5 FM Indianapolis
Thursday, July 18, 2013 | CSO Online
Tuesday, July 16, 2013 | CBS National News
Monday, July 15, 2013 | HackSurfer
Wednesday, July 10, 2013 | Medical Design Technology
Monday, July 01, 2013 | Transaction World Magazine
Monday, July 01, 2013 | Qmed
Thursday, June 27, 2013 | Mass Device
Tuesday, June 25, 2013 | HR Magazine
Tuesday, June 25, 2013 | Qmed
Monday, June 24, 2013 | Infosec Island
Friday, June 21, 2013 | MainSt.com
Friday, June 21, 2013 | Philadelphia Inquirer
Friday, June 14, 2013 | CIO Magazine
Friday, June 14, 2013 | Network World
Tuesday, May 21, 2013 | PR Newswire
SecureState Takes Aim at Hacking the C-Suite and Celebrities
Sunday, May 19, 2013 | WEWS NewsChannel 5 - Cleveland
Computer security experts show you how to safeguard your personal accounts from hackers
Friday, May 17, 2013 | WEWS NewsChannel 5 - Cleveland
Friday, May 17, 2013 | CSO Online
Pressure mounts for building in security during application development
Friday, April 19, 2013 | CSO Online
Thursday, April 18, 2013 | Data Breach Today
Post-Breach Credit Monitoring Strategies
Wednesday, March 06, 2013 | WKYC Channel 3 - Cleveland
Matt talks with Maureen Kyle about Keeping Your Identity & Financial Information Safe.
Friday, February 08, 2013 | Help Net Security
The privacy implications of Facebook Graph Search
Help Net Security site reviews Wireless Reconnaissance in Penetration Testing.
Friday, February 01, 2013 | Dark Reading
Are Your Databases Audit-Ready?
Tuesday, January 29, 2013 | DHS
SecureState signs CRADA with DHS for computer network defense
Monday, January 14, 2013 | Dark Reading
Understand your risk environment, look closely at SLAs, and verify performance through audits and reporting
Wednesday, December 12, 2012 | CPA Trendlines
When finance and accounting professionals worry about computer security, they may think about stolen laptops, purloined passwords, or lost backup drives.But few worry about hacker attacks against their accounting system software – start worrying.
Friday, December 07, 2012 | CSO
The mock attack, called Project Mayhem, accesses system's database to divert funds without detection
Friday, December 07, 2012 | Security Bistro
Hackers have long targeted systems that hold sensitive data with the intent to make a buck on the black market, but a new exploit proof-of-concept unveiled at the Black Hat security conference in Abu Dhabi reveals how hackers may be able to penetrate the heart and soul of an enterprise by manipulating financial accounting systems to directly pilfer funds, and the attacks could take months to discover.
Friday, December 07, 2012 | threat post
Attacks against accounting systems, in particular financial software such as SAP and Oracle, have been few and far between. That changed at this week’s Black Hat Abu Dhabi conference where a pair of researchers presented proof-of-concept code that could change the dynamic of the financially motivated attack landscape.
Thursday, December 06, 2012 | Dark Reading
No exploit required for defrauding Microsoft and other accounting systems, researchers at Black Hat Abu Dhabi reveal
Wednesday, December 05, 2012 | (IN) SECURE Magazine
Real life example of how an attacker can link vulnerabilities to completely compromise the organization’s internal domain
Tuesday, December 04, 2012 | Yahoo! Finance
Researchers Head to Black Hat Abu Dhabi to Detail Ways to Attack and Manipulate Financial Systems
Friday, November 30, 2012 | WKYC
Joe DeSantis & Tom Eston Discuss Text Scams
Tuesday, November 06, 2012 | Techworld
There are unique differences and threats specific to each smartphone - so which is the best?
Wednesday, October 10, 2012 | COMPUTERWORLD
Just when you thought 'bath salts' were turning innocent humans into flesh eating Zombies in Florida…mobile devices have begun taken over the world like an infectious Zombie virus outbreak.”
Wednesday, October 03, 2012 | TMCnet Financial Tech Spotlight
SecureState announced the sponsorship of the Social Media Security Website & Podcast, and the release of the fourth version of the Facebook Privacy & Security Guide, updated with the latest information on Facebook's privacy and security settings.
Tuesday, September 11, 2012 | CSOonline.com
Monday, August 20, 2012 | News Channel 5
SecureState’s Profiling and Penetration Team Manager, Tom Eston, was featured in News Channel 5’s segment on the security of mobile banking. Eston was quoted, “It is safe, as long as you take precautions especially how you choose your password.”
Monday, July 23, 2012 | TechWeekEurope
SecureState’s Termineter release was featured in TechWeekEurope. Max Smolaks describes the purpose behind the open-source tool and its presentation at B-Sides Las Vegas. Click to read “First Open Source Smart Meter Hacking Tool Released.”
Sunday, July 22, 2012 | ZDNet
News website ZDNet highlighted “Smart Meter Hacking Tool Released” by Emil Protalinski. The article presents SecureState’s release of Termineter as a way to create security awareness of Smart Meters. Click here to read the full article!
Friday, July 20, 2012 | Computerworld
SecureState’s Termineter Smart Meter tool was highlighted on Computerworld in “Researcher Releases Smart Meter Hacking Tool.” Spencer McIntyre, Research and Innovation Consultant at SecureState, is quoted explaining the use of the Terminter tool. Click here to read the article.
Friday, July 20, 2012 | SC Magazine
SecureState’s Termineter was featured in SC Magazine: For IT Security Professionals. The article, “Firm Releases Open-Source Smart Meter Assessment Tool,” discusses Termineter and the release as an opportunity to raise awareness for the security concerns surround smart meters.
Tuesday, June 26, 2012 | CIO.com
SecureState’s CEO Ken Stasiak and Audit and Compliance Manager Brian Dean were quoted in CIO.com’s “14 Tips to Help New College Grads Land a (Good) IT Job.” Stasiak mentions the importance of connecting with others on LinkedIn, while Dean discusses the difficulty in applying classroom concepts to real-life experiences. Click to read the “14 Tips.”
Tuesday, June 26, 2012 | Dark Reading
Dark Reading featured a PR Newswire article on SecureState’s Termineter. “SecureState’s Research and Innovation Team to Release Smart Meter Hacking Framework” highlights the prerelease of Termineter, the tool that allows the manipulation of Smart Meters.
Wednesday, April 18, 2012 | Enterprise Networking Planet
Chris Clymer was mentioned in Enterprise Networking Planet’s “BYOD: Barbarians at the Gate” article by Robert McGarvey. In the article Clymer is quoted explaining the necessary steps that organizations must take to protect corporate data from personal devices. Click here to read more!
Monday, April 16, 2012 | InfoWorld
Dirty IT jobs don't always look so dirty at first glance. Dressing up like Tom Cruise in "Mission: Impossible" and breaking into a secured facility sounds like a blast -- until you're trapped for two hours in the freezing rain waiting to be rescued. Think writing sexy games would be fun? Imagine poring over endless photo sets of explicit anatomical closeups.
Monday, April 09, 2012 | Bank Systems & Technology
The move to cloud computing services is a big one for most IT organizations. But nowhere is the change more profound than in security, where the use of cloud services introduces a whole new array of questions and concerns.
Wednesday, April 04, 2012 | Gov Info Security
Should you accept a Facebook friend request from your boss? And if you don't accept the invitation, could that decision possibly hurt your career?
Wednesday, April 04, 2012 | Dark Reading
SecureState’s Advisory Services Manager Chris Clymer wrote “Tracking and Measuring Cloud Providers’ Security Performance” for Dark Reading. Clymer provides tips for evaluating whether or not cloud providers are meeting their security claims. Read the article here!
Friday, March 30, 2012 | darkreading.com
Tom Eston was mentioned in Dark Reading for his presentation with John H. Sawyer and Kevin Johnson at OWASP AppSecDC. The article titled “Forensic Approach to App Vulnerability Research” discusses using PC forensic tools to conduct research on mobile applications and their vulnerabilities.
Friday, March 23, 2012 | FOX 8 Cleveland
Mentor Police are asking for the public’s help in finding a man who was caught on camera ‘skimming’ an ATM last week. “Somebody drove up and attached a skimmer to the ATM at First Merit Bank on SR 306. And then the next day, on camera, they came back about the same time and removed that skimmer from the ATM machine,” said Sgt. Rich Slovenkay, with the Mentor Police.
Thursday, March 22, 2012 | Information Week
Vulnerability scanners can be used to help detect and fix systemic problems in the organization’s security program and monitor the effectiveness of the organization’s security controls. Choosing the right vulnerability scanner for your environment can be a tricky process because every organization has its own challenges and needs.
Friday, March 16, 2012 | Dark Reading
Rolling out a mobile device management (MDM) solution is one option, but just how much control should you impose?
Monday, March 12, 2012 | Infosecurity Magazine
Conventional wisdom says that, due to its smaller market share, the Mac OS X is far less susceptible to security threats than its operating system counterparts. But times are changing – along with Apple’s market share – which prompted Esther Shein to explore the myth that the Mac OS X is still immune to today’s malware threats.
Wednesday, February 29, 2012 | Infosec Institute
When it comes to deciding what security certifications to pursue, IT professionals should understand that they will be better off career-wise if they ask—and then answer—the right questions before choosing.
Wednesday, February 29, 2012 | NewsNet5
Thursday, February 02, 2012 | NewsNet5
Searching websites is nothing new on the Internet. Many people use them to find old friends or look up an ex. But there is one site so revealing some call it the Internet white pages for stalkers. Self-proclaimed as "not your grandma's white pages," the website Spokeo.com has created a lot of buzz when it comes to personal privacy.
Thursday, January 12, 2012 | WKYC-TV
Spending less and saving more is always a top resolution once New Year's hits. More people are turning to websites to do the budgeting work for them, but there's something in the fine print you'll want to be aware of. Changing spending habits can be hard, but free online budgeting websites promise to do the work for you.
Friday, November 18, 2011 | FOX 8
Eston and his colleague, Matt Neely, counsel executives around the world on how to keep criminals from violating their corporate websites. The two consultants also specialize in smartphone security.
“The bad guys are going to move on to somebody else if you just have a little bit of resistance,” Neely told Call For Action.
Thursday, November 10, 2011 | PenTest Magazine
This whitepaper presents background information about the Payment Card Industry’s (PCI) Payment Application Data Security Standard (PA-DSS), and discusses PA-DSS Validation by the Payment Application Qualified Security Assessor (PA-QSA). Strong PCI experience, forensics expertise, and technical writing skills are needed to perform PA-DSS Validation services for payment application software vendors.
Wednesday, November 09, 2011 | Dynamic CIO
You probably are familiar with the classic security assessments: internal and external penetration testing, security risk assessments, and PCI gap assessments.
You may not be as familiar with, or even aware of, other assessments that may be just as valuable for strengthening your security program.
Some of these less familiar assessments are new, the result of emerging technology and regulations, but others have been around for several years and just haven't gotten the attention they deserve.
Monday, November 07, 2011 | PenTest Magazine
Establishing strong policies and procedures for access to an iPad is absolutely critical to protecting sensitive information. Password enforcement is the front line of defense against unauthorized access, and can be configured and enforced over the air by using Microsoft Exchange. Additionally, there are secure methods to configure the device to an environment where specific settings, policies, and restrictions must be in place. These methods provide flexible options for establishing a standard level of protection for authorized users.
Wednesday, October 26, 2011 | CSO.com
In a February 2010 talk called "Social Zombies II: Your Friends Need More Brains," security practitioners Tom Eston, Kevin Johnson and Robin Wood explained how these applications are susceptible to malware pushers and those looking to steal your personal information. It's not much of a stretch for hackers to impersonate people you think are trusted, fellow players, as is the case with a lot of online gaming.
Thursday, October 13, 2011 | ITWorld.com
If it were just that easy: The devil sitting on one shoulder and an angel perched on the other, each offering up his/her advice on security trends. Well, after you read this blog post, you will have all the information you require on the topic, and will not need any ethereal guidance. I’ve assembled two lists: one of security trends you’d do well to avoid, the other of security trends you’d be wise to embrace.
Thursday, October 13, 2011 | InfoSec Island
Avoid Becoming a Security Statistic – Prioritize PCI Goals and Know Your Threats
Over the last few months the Prioritized Approach for PCI DSS Version 2.0 and Verizon 2011 Data Breach Investigations Report were released for our reading pleasure.
I took a look at the correlation between actual breach statistics within Verizon’s report and the prioritized guidance for complying with PCI DSS requirements and found that it’s spot on.
Wednesday, October 12, 2011 | Pen Test Magazine
Security Company Reveals Security Issues with Apple’s OS X Lion Operating System
SecureState, an information security company, announces a new security issue with Apple’s OS X Lion operating system and its captive portal functionality. Members of the SecureState Profiling Team were instrumental in researching and revealing the attack
Friday, October 07, 2011 | ComputerWorld UK
Protecting your smartphone from malware:Which is the safest phone platform?
Friday, October 07, 2011 | CIO.com
As Spencer McIntyre of SecureState explains, there are unique differences and threats specific to each smartphone.
Friday, October 07, 2011 | PC World
These days, it is almost impossible to meet someone who doesn't own a cell phone. More specifically, smart phones, whether it be the trendy iPhone, corporate favored Blackberry or modern Windows Mobile, almost everyone has joined the smart phone frenzy -- and with good reason. A smart phone offers more advanced computing ability and connectivity than a contemporary phone.
Friday, October 07, 2011 | DarkReading.com
DerbyCon's successful first year reminds us of what the security community is all about: sharing and learning from others, promoting new ideas, and advancing the art of security.
Thursday, October 06, 2011 | CSO Magazine
Which smartphone is the most secure? Not all mobile phone operating systems are created equal. As Spencer McIntyre of SecureState explains, there are unique differences and threats specific to each smartphone and, in the end, security is largely up to the user.
Tuesday, October 04, 2011 | InfoSec Island
Which is Easier to Find, The Holy Grail or a PA-DSS Implementation Guide?
I recently attended the PCI Community Meeting in Arizona. As both a QSA and PA-QSA one of the things I find very interesting when talking to other certified QSA's and PA-QSA's is that issues are very consistent across the board.
Friday, September 30, 2011 | InfoSec Island
If it were just that easy: The devil sitting on one shoulder and an angel perched on the other, each offering up his/her advice on security trends.
Well, after you read this blog post, you will have all the information you require on the topic, and will not need any ethereal guidance.
Thursday, September 29, 2011 | InfoSec Island
DerbyCon is almost here. With an all star line up, I anticipate that DerbyCon will truly live up to the hype. I want to take a moment to discuss a few talks that I am especially excited about.
The Browser Exploit Against SSL/TLS Tool or BEAST is a tool written by Thai Duong and Juliano Rizzo that exploits a 10 year old flaw in SSL/TLS 1.0 and its use of cipher block chaining (CBC).
Until now, exploiting the vulnerability was only thought of as theoretical.
Tuesday, September 13, 2011 | Green Sheet
We are all students in the payments industry. And Visa Inc. recently upped the ISO and merchant level salesperson (MLS) education ante by pushing the U.S. market to adopt Europay/MasterCard/Visa (EMV) contact and contactless chip technology. Visa stated this will "help prepare the U.S. payment infrastructure for the arrival of NFC-based mobile payments by building the necessary infrastructure to accept and process chip transactions that support either a signature or PIN at the point of sale." An EMV card uses a computer chip rather than a mag stripe for transaction authentication. ISOs now must quickly discern what EMV means, how it works, and when and where the technology should be installed.
Thursday, September 08, 2011 | PC Magazine
The Sept. 11 attacks brought new attention to cybersecurity. The experts weigh in what we got right, what we got wrong, and what we missed entirely in the wake of 9/11.
Thursday, September 01, 2011 | InfoSec Island
Data Loss (or Leakage) Protection (DLP) has been a hot topic for a while now, and while as a concept DLP has a lot of merit, most organizations are not ready to implement.
Sunday, August 28, 2011 | Varanoid.com
LifeSize Room appliance contains an authentication bypass and arbitrary code injection vulnerability when failing to sanitize input from unauthenticated clients. According to LifeSize’s website “LifeSize Room combines an immersive, high definition video experience with a rich set of features to deliver a powerful, flexible, and easy-to-use video communication solution.”
Sunday, August 28, 2011 | Security Focus
Discovered: 07-13-11By: Spencer McIntyre (zeroSteiner) SecureState R&D Teamwww.securestate.com
Background:--Multiple vulnerabilities within the LifeSize Room appliance.
Vulnerability Summaries:--Login page can be bypassed, granting administrative access to the web interface.Unauthenticated OS command injection is possible through the web interface.The easiest way to perform these attacks is using a web proxy.
Tuesday, August 23, 2011 | The Ruby Group
"We hired The Ruby Group as a trusted advisor about a year ago. Looking back on our time working together I have seen a significant amount of growth in how our sales team manages their time. One of the biggest challenges that we were facing was that our selling cycle was becoming too long. This meant we were wasting a lot of our salespeople’s time as well as our consultant’s time by bringing them into unqualified situations."
Tuesday, August 16, 2011 | CSO Magazine
What are the common indications that an organization's vulnerability management program is not functioning properly? Gary McCully of SecureState presents methods and suggestions for rooting them out and addressing the problems.
Monday, August 08, 2011 | TMCnet.com
In a press release, Rapid7 said that its senior security consultant and researcher, Joshua “Jabra (News - Alert)” Abraham, has teamed up with Tom Eston of SecureState and Kevin Johnson of Secure Ideas. In a joint session at Black Hat USA 2011 and DEF CON 19, these industry veterans are going to jointly present their ground breaking research on testing Web services. According to Rapid 7, the trio is going to disclose a new Web services testing methodology and portfolio of open source testing tools. This development answers a longstanding industry need for clarification on Web services testing and stronger testing solutions, and will provide immediate relief for penetration testers, the sources at the company revealed.
Monday, June 06, 2011 | Networkworld.com
Most malware still targets Microsoft platform, but Mac OS X has some security deficiencies, according to one expert.
Although Mac users are more likely to experience virus-free computing than Windows PC owners, there is nothing inherently more secure about Apple's operating system, and in certain respects Mac OS X is more vulnerable than Windows, a security expert tells Network World.
Chris Clymer, a consultant at SecureState, says the Mac's low market share still keeps it cleaner than Windows. But the recent "Mac Defender" attack illustrates the vulnerabilities in the platform, which is designed first and foremost for usability, rather than security.
Monday, May 02, 2011 | www.healthcareinfosecurity.com
Because so many healthcare information breaches stem from lost or stolen drives, including some that were kept in data centers, organizations are looking for ways to improve physical security. SecureState's Andrew Weidenhamer offers insights on physical security measures that can help prevent breaches.
Wednesday, January 12, 2011 | Columbus Dispatch
"People automatically trust that, if it's on Facebook, then it's probably secure and vetted by Facebook in some way," said Tom Eston, a senior consultant for SecureState, a security-management consulting firm.
But even Facebook admits that keeping its customers safe is difficult.
Tuesday, January 11, 2011 | Accounting Today
"We have seen the legal profession secure their portals, but many accounting firms are lacking in technical security and protecting client data, storage, communications, and file sharing."
Friday, January 07, 2011 | ITWORLD
If you are in charge of IT and/or Security and you do not have that compliance and/or auditor twinkle in your eye, you might twinge each time someone says PCI, HIPAA, ISO, GLBA, SOX, or any other regulation or evil acronym that might be thrown your way.
Monday, January 03, 2011 | NationalCyberSecurity.com
Facebook is the latest hot spot for swindlers in search of new victims.
And the world’s most popular social-networking website can be a gold mine for such crooks, experts say.
Thursday, December 30, 2010 | Tennessean
Wednesday, December 29, 2010 | WEWS Channel 5 News
"It's absolutely tough to surf anonymously, privately and securely," SecureState Sr. Consultant John Melvin said.
Wednesday, December 29, 2010 | MSNBC
It only takes seconds for security consultant Tom Eston to clone a website."It looks just like Twitter. It's identical," Eston said.Fake sites are stealing identities in a scheme called tabnabbing. It starts when you open several tabs or websites in the same browser. Hackers steal one of your tabs while you're not looking.
Monday, December 27, 2010 | Orlando Sentinel
"Cybercriminals on Facebook today come cloaked as real friends sending messages asking you to wire them money in a foreign country or posting a note on your wall with a funny video that's really a dangerous link.
The scammers are smart, sneaky and hoping you fall for their tricks. They do it for various reasons, including stealing your identity or using your personal data to sell to marketers or simply spread malicious software that can destroy your computer."
Friday, December 17, 2010 | The New New Internet
Luckily, there are several ways to protect personal information. For instance, Andrew Weidenhamer, audit and compliance manger for SecureState, said his company performs privacy assessment for organizations to ensure they are complying with various privacy laws and regulations. As a result, SecureState customers’ private information is better protected, he said.
Wednesday, December 08, 2010 | Weatherhead
"Q: How does your organization make a significant impact on the community and regional economy?
We do everything we can to support the local community by positioning our business for growth. We are in the process of completing an 18,000 square feet renovation, investing over $2 million in the project. SecureState’s team is dedicated to supporting its community. By staying involved with special programs and services, SecureState has contributed to the community through education, service, and donations."
Tuesday, November 23, 2010 | ITWORLD
We have all heard the business adage that you cannot manage what you don't measure. For those in Information Security or Information Technology, this can have far-reaching implications. Without concrete data to query and present, business unit leaders are left wanting. It is difficult to grasp the importance of security or its necessity if there is nothing to back it up. A sound Metrics Program can help....
Wednesday, October 20, 2010 | Tech News World
"Basically, what people need to know is that these applications are not owned by Facebook," said Tom Eston, senior consultant and social media strategist at SecureState.
"Developers simply use the Facebook API to interface with their application -- such as with Farmville/Mafia Wars," Eston told TechNewsWorld. "The developer of these applications can 'request' information from your profile as it's required by the application."
Wednesday, September 22, 2010 | WEWS Channel 5 News
We've all had emails from strangers that ask for our help in a time of crisis. They're typically part of a scheme to steal your money. But, what if a friend sent you one of these emails? Would you believe it?
Monday, September 20, 2010 | ITWORLD
"Everyone wants a logYou're gonna love it, logCome on and get your logEveryone needs a loglog log log" – Ren and Stimpy
"I use OSSEC pretty regularly on Linux and Windows servers. It is incredibly useful because of its ability to parse and correlate a large number of log formats, as well as granularly react to logs based on rules that, out of the box, encompass a large amount of what I consider useful information. This includes bruteforce password attempts, suspected malicious activity, and when configured in conjunction with iptables, host scanning attempts. This link defines what OSSEC is, but is a digression from the point of this blog, which is how to use OSSEC to parse auditd logs."
Monday, September 13, 2010 | WEWS Channel 5 News
"When you're checking your inbox, don’t open an email that appears to be from someone you know with the subject line 'Here you have,' or 'Just for you.' It's the latest worm hitting computers."
"You just have to think before you click," said Tom Eston, security consultant of SecureState ."
Monday, September 06, 2010 | ITWORLD
Everywhere you look, there are articles, research and analysis on the topic of cloud computing. It has even been termed, "the most significant shift in information technology in our lifetimes." The positive aspects are exciting and offer many benefits, including access to applications, storage for legacy data, and powerful computer processing - all with the click of a mouse. For companies that want to avoid purchasing entire systems of IT software and hiring the talent to operate and secure them, this option may seem very tempting. One common concern that should be analyzed and researched thoroughly is the issue of security in cloud computing. Any future cloud user should gather as much information as possible about their potential cloud provider before sending any data to the cloud.
Friday, September 03, 2010 | ZDNet.com
Facebook yesterday announced a new remote log-out security feature that allows users to see all of the active login sessions for your Facebook account. How does this work? First, a little background education.
Wednesday, September 01, 2010 | ITWORLD
Facebook recently released a new feature called "Places" which aims to tap into the growing location based services market made popular by other social networks like FourSquare and Gowalla. Facebook Places allows you to "check-in" to a location with your mobile device. You can check-in with the official Facebook application for the iPhone or Android or you can use the Facebook mobile site: touch.facebook.com. You can use touch.facebook.com if you have a location aware web browser such as Firefox, Opera or Chrome. In this post we will explore what Facebook Places is, how businesses are going to use it, the privacy and security concerns, and how one can fake a location check-in with a few easy steps.
Monday, August 23, 2010 | ITWORLD
You can Google "trust, but verify" and come up with hundreds of articles regarding one of Ronald Reagan's signature catch phrases, accountability, auditing, etc. It can also be considered the default credo of the auditing community. Regardless of where it came from and the potential overuse of the phrase, it's what I live by and is a code that should be followed by anyone responsible for their company's compliance/governance programs and the security of sensitive data. Just about every regulation that deals with the protection of sensitive information requires some form of risk management and/or validation of controls. Proper compliance and risk management programs will not be successful without a high level of verification that proper security controls are in place and operating effectively.
Monday, August 16, 2010 | ITWORLD
Jason Leuenberger featured in IT World.
Thursday, August 12, 2010 | UBM TechWeb
Steve Erdman gives advice on taking virtualization to a client.
Thursday, August 12, 2010 | Automation World
Steve Marchewitz discusses the steps that need to be taken to assess an organization's risk annually in an article focusing on how to protect your control networks.
Thursday, August 12, 2010 | Network World
Tom Eston discusses the InfoSec Mentors Program. This program allows IT security pros to mentor each other and share ideas about the industry.
Tuesday, August 10, 2010 | BankInfo Security
SecureState's Matt Davis discusses PCI issues, "The only problem with the standards is it used to say 'for systems commonly affected,' which really meant MS Windows. The affected systems were Linux and thus the standard was fixed to say all systems.
Tuesday, July 27, 2010 | ITWORLD
Dave Sopata's blog titled "What your multi-function printer knows can hurt you" is featured on ITWorld's website.
Monday, July 26, 2010 | ITExpert Voice
Alex Hamerstone and Steve Erdman discuss six great tips for great IT security policies for your organziation.
Sunday, July 25, 2010 | ITExpert Voice
Alex Hamerstone discusses how to regulate the internal social network in an article about an organization's internet policy.
Thursday, July 22, 2010 | NewsNet5
Tom Eston discusses tabnabbing and it's ability to steal your personal information.
Tuesday, July 20, 2010 | ITWORLD
Chris Murrey's blog featured on the ITWORLD website as the "Daily Tip."
Monday, April 12, 2010 | Imaging Economics
Matt Davis discusses confidentiality in an era of electronic health records where encryption can minimize your exposure in the event of a breach.
Friday, April 02, 2010 | Smart Business Online
Ken Stasiak talks about how he empowers his employees at SecureState LLC.
Monday, March 01, 2010 | Crain's Cleveland Business
SecureState’s Matt Davis discusses the importance of repairing reputation in data breaches as well as legal obligation. Davis says, businesses likely are paying more attention as laws like the Health Insurance Portability and Accountability Act have been altered to have more stringent reporting requirements.
Monday, September 28, 2009 | BankInfoSecurity
SecureState's Matt Davis discusses what he expects to emerge from PCI standards in 2010
Wednesday, July 15, 2009 | Crain's Cleveland Business
SecureState has secured a contract big enough to more than double the company's size over the next five years.
Copyright © 2015 SecureState LLC. All rights reserved.
23340 Miles Road Cleveland, Ohio 44128-5493 |
Terms &Conditions |