GDPR and EU Flag

What is GDPR and does it affect me?

Jerry T. Blanchard, Jr., CPP Compliance, News, Security System Lifespan Management

GDPR is the General Data Protection Regulation adopted by the European Union (EU) in 2016. This just became enforceable as of May 2018. Does it affect me? The short answer is “Yes”. This law may affect you if you have an enterprise class system that collects and shares data around the world. What is GDPR? In a nutshell, GDPR is …

circuitboard with keys

More Than Half of Ex-Employees Still Have Access to Corporate Networks

Christine L. Peterson, CPP, ISP Security Planning, Security Policy and Procedure Development, Security Program Development

In today’s security programs, we often lose sight of the forest for the trees and forget the basics. Removing an employee’s ability to access company property – whether physical access or access to corporate networks – is so basic that it too often gets overlooked. This article from InfoSecurity is a painful reminder of how lax many security programs are. …

High Stakes Cyber article

Companies Can be Liable for Failing to Maintain Adequate Cyber Security

Christine L. Peterson, CPP, ISP Compliance, Corporate Compliance, Intellectual Property, News, Security Policy and Procedure Development

How much customer data do you have? Is it secure? If so, you should read High Stakes Cyber as published in Security Management. In brief, the FTC can hold companies liable for failing to maintain adequate cybersecurity, even though the commission has not defined minimum cybersecurity standards through rules or regulations. Even in this case, the court did not articulate …

locked computer

Data Security: Where There Is Data, There Should Be Policy

Russell W. Gilmore, CISSP, CISM, EnCE Business Continuity Planning, Compliance, Computer Forensics, Corporate Compliance, Crisis Management Planning, Electronic Data Recovery, Security Policy and Procedure Development, Security Program Development

The recent report by the Wall Street Journal about the Morgan Stanley data security breach scares me as an employee. Reportedly, Morgan Stanley terminated Galen Marsh, a financial adviser, for allegedly stealing account information from about 350,000 wealth management clients and posting some of it online. Federal law enforcement officials are focusing their probe on the possibility that Marsh’s computer …

Christine Peterson

RMA Presents at CSI Week at Meredith College

Protus3 Embezzlement, Fraud, News, Theft, Embezzlement, and Fraud, Training

Chris Peterson presented Enemies at the Gate – or Are They Already Inside? as part of CSI Week at Meredith College. CSI Week allows students at Meredith to explore career opportunities in law enforcement and related fields. The event is sponsored by the Sociology and Criminology Programs, and the Sociology & Criminology Club (and with the support of Political Science, …

power shift button

Held Hostage by a Dishonest Employee

Russell W. Gilmore, CISSP, CISM, EnCE Compliance, Computer Forensics, Corporate Compliance, Security Policy and Procedure Development, Security Program Development, Theft, Theft, Embezzlement, and Fraud

I recently was involved in a case in which a company employee was discovered using a company credit card for personal reasons. This happens occasionally, and one would think that immediately terminating the dishonest employee would resolve the issue. But what happens when the employee is the one and only IT person for the company? Many companies have only one person …

Christine Peterson

RMA Presents BYOD Policies at RTP CFO Forum

Protus3 News, Security Program Development, Training

Chris Peterson and www.rmasecurity.com presented BYOD (Bring Your Own Device): Issues and Implications for Companies at the September RTP CFO Forum. The program discussed security issues and considerations for companies when employees connect personal devices to the company network. What issues need to be considered to accommodate lawsuits, audits, and records requests? How can companies prepare for lost or stolen …

pink slip

Terminating an Employee and Company Data

Russell W. Gilmore, CISSP, CISM, EnCE Computer Forensics, Corporate Compliance, Theft, Theft, Embezzlement, and Fraud

Having to terminate an employee is never easy. To make the process even more difficult, consider the recent survey conducted by Harris Interactive on behalf of Courion which stated that 19% of employees age 18 to 34 would take company data with them if they knew they were about to be fired. Read the full story here. Depending on the …

Security Consulting

Security in the Office – A Checklist

Christine L. Peterson, CPP, ISP Embezzlement, Fraud, Security Planning, Security Policy and Procedure Development, Security Program Development, Theft, Theft, Embezzlement, and Fraud, Training

How is your security? The following checklist illustrates the necessary aspects of security that must be addressed for a secure environment. Comply with and support your company’s safety and security program and regulations, and insist that others do the same. Protect wallets, keys, purses, and other personal valuables on the job. This especially includes smartphones and tablets. Challenge strangers in …

RMA Presents PI 230 and PI 240 Training

Protus3 News, Training

RMA presented two days of PI training to over twenty students in Raleigh, NC. PI 230 was presented on Monday, December 10. Mike Epperly provided information on Legal Issues for Private Investigators. Marty Coolidge taught a course on Executive Protection. Billy Green presented Elements of Physical Security. PI 240 was presented on Tuesday, December 11. Rusty Gilmore provided training on …