Miles Associates LLC

Where PCI DSS Still Falls Short (and How to Make it Better)  – Former CISO and Symantec strategic consulting director Ariel Silverstone goes through PCI DSS line by line and offers suggestions to make it more effective.

Currently, I believe it is possible to be 100 percent PCI compliant and have no real security.

via Where PCI DSS Still Falls Short (and How to Make it Better).  By my frieind, Ariel Silverstone.

Some attendees at RSA Conference 2009 wondered aloud if the gathering still has much value. CSO Senior Editor Bill Brenner offers his assessment

via Has RSA Jumped the Shark?.

Also, here is the report of my friend, Ariel Silverstone.

Downturn or no downturn, it’s nice to upgrade your tech gadgets now and again, especially when they are so old that your colleagues are looking at you sideways. But once you’ve bought — or been given — that great new digital camera, or smartphone, or laptop, what do you do with the old one?

You know you shouldn’t just throw it in the garbage — the environmental hazards of simply discarding electronics have been well documented. But many of us haven’t the vaguest idea how to dispose of the stuff safely.

via Smartphones to Laptops: Recycling Your Tech Gear is Easy.

Bridging the Server Divide

Consolidating Linux and Windows servers may not be easy, but it may be best for the business.

Over the last several years, it has become very clear that the two dominant server operating system environments are Windows and Linux. In fact, it’s not at all uncommon to find both these environments running inside the same organization…

Most IT organizations chalk up the bickering between the Windows and Linux partisans to good-natured rivalry. But as the economy has taken what looks like an extended turn for the worse, the issue of costs associated with running both operating environments is starting to raise its ugly head.

More »

Wow, 11 updates for my XP laptop…

Microsoft Security Bulletin Summary for April 2009

This bulletin summary lists security bulletins released for April 2009.

via Microsoft Security Bulletin Summary for April 2009.

…59 percent of employees who lost or left a job in 2008 admitted to stealing confidential company information. Most startlingly, 82 percent of respondents reported that their employers didn’t perform an audit or review of paper or electronics before they left their jobs and nearly a quarter of respondents had access to their employer’s network after they left.

With more layoffs on the horizon in the upcoming months, many CIOs are going to need to be prepared to help protect the business from desperate employees. This means finding a way to efficiently deprovision accounts, prevent unauthorized data dumps, and generally keep tabs on how employees interact with data.

via Know It All – Security – Recession-era Security Threats Find Companies Unprepared.

The fiber-optic outage—actually sabotage—in the Bay Area on Thursday reveals a dirty little secret: Our infrastructure is ridiculously vulnerable and it only takes a few vandals (or terrorists) to bring communication to its knees.

While it’s unclear what exactly happened, AT&T is offering a $100,000 now $250,000 reward to find the vandals that cut into fiber optic wires and whacked everything from hosting centers, 911 calls and other communication. Sam said it best: No matter how advanced we get we’re still hooked up to a big wire somewhere.

That’s not going to change. The big question: How are we going to protect those big wires?

via Jason Hiner at AT&T fiber outage shows how easily attackers could wipe out our communications | Tech Sanity Check | TechRepublic.com.