RiskIT Logo

Issue 30                                                     Thursday, June 30, 2011 

 

The 10 Worst Cloud Outages and What We Can Learn From Them 

 

 

Sending your IT busuness to the cloud comes with risk, as those affected by these 10 collosal could outages can attest

As a concept, there's a lot to like about the cloud. Drop those bulky servers and get yourself a big, white hard drive in the sky. Someone else handles the upkeep and lets you put your data where you want it. Even the word "cloud" itself brings to mind a heavenly (if slightly fluffy) fantasy.

The reality is, of course, a mixed bag. What you gain in avoiding upkeep, you lose in control. And the security concerns are considerable. But nowhere is the nightmare as vivid as it is when your cloud service goes down.

To read this article in its entirety, please click:

The 10 Worst Cloud Outages...

Final FFIEC Authentication Guidance Issued

 

  

The Federal Financial Institutions Examination Council has formally released the long-awaited supplement to its "Authentication in an Internet Banking Environment" guidance, which was first issued by the FFIEC in October 2005.

Formal assessments for compliance with the new guidance will begin in January 2012.

The purpose of the supplement is to reinforce the risk-management framework described in the original guidance and update the FFIEC member agencies' supervisory expectations regarding customer authentication, layered security, and other controls in the increasingly hostile online environment.

  

 

To read this article in its entirety, please click:

 

 

 

 

Citigroup Lost $2.7 Million in May Hacker Attack 

 

   

Earlier this month officials from Citigroup confirmed that an unauthorized network access event compromised the private account details of over 360,000 of North American banking clients.

Officials from the banking giant now assert that $2.7 million was stolen from about 3,400 accounts in the May attack.

"Customers are not liable for any fraud on the accounts and are 100 percent protected," the bank said.

Representatives of Citigroup said they detected the breach of the Citi Account Online network through routine monitoring of the systems. It appears that only credit card accounts were exposed in the breach, though some reports suggest that some debit card information may have been involved.


To read this article in its entirety, please click:

Citigroup Lost $2.7 Millionin May Hacker Attack

How Random House Overcame 3 Common Enterprise Collaboration Obstacles

 

Enterprise collaboration tools can foster better communication and elicit transparency from business units. Here's how Random House implemented an enterprise collaboration suite, encouraged adoption and is measuring its success.

With more than 10,000 new book titles and products launching every year, publishing company Random House needed a real-time solution to help manage and share information, and improve employee communication. Email, says VP of IT Chris Hyams Hart, just wasn't cutting it.

"If you have a really important message you need to get to people, email is where it goes to die," he says. "What if marketing needed to know what sales was doing, but not everyone in that email list needed to know? People needed a sense of ambient awareness-they needed to know what was going around them."

To read this article in its entirety, please click:

How Random House Overcame 3 Common Enterprise Collaboration Obstacles
When a Phish is Really Fishy

 

    

We all are recipients of spam and phish. Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

By and large, our filters sort out the array of incoming missives and allow those we want into the inbox and those we don't into the junk folder.

Recently, one slipped through. I opened the email and read the contents. I literally burst out laughing as I worked my way through the text -- it was just too good not to share, as it was replete with clues that this wasn't a legitimate summons.

 To read this article in its entirety, please click:

 

 When a Phish is Really Fishy

 

 
RiskIT Logo 
is an email publication provided by

 

Eminere Group Logo 

 

Disaster Recovery Journal

 

 

 

ISACA Logo

 

 

 

 HIMSS Logo

 

 

More Useful Links...
  
  
  
  
  
  
  
  
  
Join Our Mailing List