Raxis - Information Security Blog

26
Jan 12

Raxis welcomes new VP of Information Security

Mark Puckett, CISSP, CISM, NSA-IAM Hits: 50 IT Security

Starting in February 2012, Raxis welcomes a new Vice President, Information Security. He will be responsible for developing the overall information security vision, strategy, and architecture for the enterprise, including policy and guidelines to support vision and strategic direction.

Corporate Name Change

Mark Puckett, CISSP, CISM, NSA-IAM Hits: 33 IT Security

In order to prevent confusion from prior business offerings, Raxis is now known legally as Raxis, LLC and remains based in Atlanta, GA. The prior name Raxis Properties, LLC will be phased out over the next few years as clients and business partners update their records. Contact us if you have any questions about the name change.

11
Dec 11

The "Nigerian Scam" continues

Mark Puckett, CISSP, CISM, NSA-IAM Hits: 156 IT Security

I received this scam email a few minutes ago.

Hi, Greetings to you and your family, first I apologize for sending you this sensitive information via e-mail, instead of a Certified mail/Post-mail. This is due to the urgency and importance of the information. My name is Shukri Ghanem, the Libyan oil minister and head of the National Oil Co-operation of Libya. I would like to use your relationship with me to pull my wealth out from our African continent. I was high-ranking Libyan official but I defected and fled the country on the May 17th 2011. I have huge amount of fund with Oilibya Petroleum Company in Ivory Coast I need help to divert this fund far from Africa . Thank you Shukri Ghanem

Bring Your Own Device (BYOD) Security

Mark Puckett Hits: 138 IT Security

One of the biggest shifts in IT trends is the concept of bringing your own device to the work environment. With the popularity of the iPhone and iPad devices, they are showing up on employer networks in increasing numbers, and often creating a situation where company data becomes stored on the device. Concerns are growing with companies as their information may be spread across devices that are within little or no control, and these security concerns can cause issues with regulatory standards as well.

Security by Data Classification

Mark Puckett, CISSP, CISM, NSA-IAM Hits: 100 IT Security

If you're doing risk assessments, you're probably basing your strategy on data classification. This makes a lot of sense you want to protect your critical data, and worry less about the non-critical items. Except, how do you know where your critical data is?

There's several options, one of which is using a product to scan your shares and servers for restricted data types like credit card numbers, social security numbers, etc. An even more advanced solution would be to install a network device, such as an Imperva appliance to search for critical data types. This will allow you to detect systems that contain the data, and perform a more exhaustive risk assessment. In addition, you'll have the ability to prevent the sharing of that data to untrusted networks if needed.