laptop with lock on it

Two-Factor Authentication: A Resolution That Works

Russell W. Gilmore, CISSP, CISM, EnCE Computer Forensics, Electronic Data Recovery, Mobile Forensics, Security Policy and Procedure Development, Theft, Embezzlement, and Fraud

Many people ring in the New Year with celebrations and hopes of a better year. The New Year symbolizes the ending of one year and the beginning of another even better year. Some offer advice to bring happiness and prosperity to others: Eat twelve grapes at midnight or eat black-eyed peas on January 1. My advice is more concrete and …

technology rush

The Wild West of Bring Your Own Device (BYOD)

Tasha Dyson, CFE Compliance, Computer Forensics, Mobile Forensics

The Wild West When you think about the Wild West, what do you see? Do you picture unspoiled scenery, picturesque cattle drives, spacious farms, gold miners, unfettered individual freedom, rugged individualism, and no federal income taxes? This is definitely a “romantic” picture. Remember the darker side. Don’t forget about the lawless gangs of robbers, disputes settled by gunfights, and clashes …

bring your own device

Benefits and Disadvantages of BYOD

Russell W. Gilmore, CISSP, CISM, EnCE Security Planning, Security Policy and Procedure Development, Security Program Development

What is BYOD? BYOD is an acronym for “Bring Your Own Device.” It refers to the practice of employees using a personal device for work. With BYOD, a single individual has the capacity to affect himself, those close to him, the company, and potentially millions of other people. One unsecured device can harm millions of individuals and organizations who may …

High Stakes Cyber article

Companies Can be Liable for Failing to Maintain Adequate Cyber Security

Christine L. Peterson, CPP, ISP Compliance, Corporate Compliance, Intellectual Property, News, Security Policy and Procedure Development

How much customer data do you have? Is it secure? If so, you should read High Stakes Cyber as published in Security Management. In brief, the FTC can hold companies liable for failing to maintain adequate cybersecurity, even though the commission has not defined minimum cybersecurity standards through rules or regulations. Even in this case, the court did not articulate …

Campus Safety article on safety during investigations

Keeping the Campus Safe during a Title IX Investigation

Christine L. Peterson, CPP, ISP Civil Rights, Clery Act, SaVE Act, Title IX, Training, VAWA, Workplace Violence, WPV Support, WPV Threat Assessment, WPV Training

Should campus security conduct a behavioral threat assessment concurrent to a Title IX sexual violence investigation? Campus Safety’s feature on Threat Assessment Teams provides three steps to help maintain security during an investigation. Read more: 3 Steps to Keeping Victims and Campuses Safe During Title IX and VAWA Investigations     Plan. Protect. Prosper. Protus3 specializes in security system design, …

Campus Safety article about guns on campus

CCP Holders and Guns on Campus

Christine L. Peterson, CPP, ISP Crisis Management Planning, News, Security Policy and Procedure Development, Training, Workplace Violence, WPV Training

Should CCP holders be allowed to carry guns on campus? There are studies that show during times of great stress, a person will experience changes that affect their physiological, sensory and cognitive processes which can prevent appropriate responses in very serious situation. These responses can affect critical decision-making processes. For example, check out the eleven reservations of a “gun guy.” …

empty classroom

Reflections on Oregon Shooting

Christine L. Peterson, CPP, ISP Security Planning, Security Policy and Procedure Development, Security Program Development, Workplace Violence

The shooting at Umpqua Community College on October 1, 2015, made us think. Security events are deliberate actions by people to cause harm. There is no way that any organization can keep people who are adequately motivated and have access to the right resources from attempting to commit harm. What we can do is harden ourselves as targets. This will …

Policy and Procedure Flow Chart

A Company Model for Developing Policies and Procedures

Christine L. Peterson, CPP, ISP Compliance, Corporate Compliance, Security Policy and Procedure Development, Security Program Development

While attending the NCMS Carolinas Chapter meeting at Cisco Systems recently, I saw a presentation by Mark Whitteker, MSIA, CISSP, ISP. Mark comes out of the IT security world, so most of his presentation focused on IT security. He also presented a segment on Building a Comprehensive Security Architecture Framework that might benefit all of us. Mark shared with the …