Friday, March 12, 2010


Alan on Aetna

I received this via email from Alan Borack (a friend and colleague) about the recent disclosure by Aetna about losing member data, and with his permission am posting his comments here.

How long do you think it will take for the 2 companies impacted to notify
their employees they are among the 38,000 names on the laptop?

I know 2 that have Aetna as their medical insurance carrier — Merrill Lynch
and AT&T — two places I spent a few days at. Arrrgh

The real question is — ‘why did the Aetna employee have personal client
data on the company laptop in the first place?’

More and more banks are moving towards replacing desktop computers with what
we used to call ‘dumb terminals’ to lower costs and to prevent users from
saving information to the hard drive, CD-ROM or USB drives. Laptops, too, are
being issued only to key personnel – namely technical support and officer
types – the kinds of people who don’t have or need direct access to personal
information of employees or clients.

All good questions from a seasoned veteran of financial services; why indeed do all these folks have our personal data on their laptops?
