With yesterday’s introduction[reuters.com] of Google Health, we can now add personal health records and related information to the types of data Google is storing. This service includes connections to pharmacies, like Walgreen Co. and CVS Caremark, and other health groups. It will “allow patients to schedule appointments, refill prescriptions, receive diagnostic results online, and instantly add their doctors’ email addresses to a list of contacts.”

This service sounds very useful and is likely to be used by many people. My concern is that as the diversity and sensitivity of data Google is storing increases, so does it’s attractiveness as a target for those with malicious intent. According to Marissa Mayer, Google’s vice president for search services and user experience, the service involves an additional layer of security and the data is stored separately from Google’s other data. Mayer stated that, “We certainly have put in place the foremost privacy policy[google.com] that we could construct.” We all hope so!

Dominic Schulte

Dominic Schulte currently serves as the Managing Director of Security Services & Consulting at TRUE, where he is responsible for the execution of a wide range of security and regulatory compliance services. Previously, Dominic worked with the National Security Agency (NSA) as a Global Network Exploitation and Vulnerability Analyst in the National Security Incident and Response Center (NSIRC). He holds CISSP, QSA and CNSS 4011-4015 certifications.

We can all breathe a collectively sigh of relief – terrorists now have the ability to communicate securely[reuters.com]. I was really starting to be concerned for their privacy…

Dominic Schulte

Dominic Schulte currently serves as the Managing Director of Security Services & Consulting at TRUE, where he is responsible for the execution of a wide range of security and regulatory compliance services. Previously, Dominic worked with the National Security Agency (NSA) as a Global Network Exploitation and Vulnerability Analyst in the National Security Incident and Response Center (NSIRC). He holds CISSP, QSA and CNSS 4011-4015 certifications.

On Friday, the DHS took another step forward[news.com] in their drive to increase the reliability of state drivers’ licenses by releasing their “Final Rule,”[dhs.gov] of minimum standards for compliance. These changes are required by the REAL ID Act of 2005 and have been a source of controversy in the security and civil-rights communities. Additionally, some states have passed legislation rejecting REAL ID.

Dominic Schulte

Dominic Schulte currently serves as the Managing Director of Security Services & Consulting at TRUE, where he is responsible for the execution of a wide range of security and regulatory compliance services. Previously, Dominic worked with the National Security Agency (NSA) as a Global Network Exploitation and Vulnerability Analyst in the National Security Incident and Response Center (NSIRC). He holds CISSP, QSA and CNSS 4011-4015 certifications.

The AP has released a story [FOXNews.com] detailing that a New Jersey company which provides accounting software to the adult-entertainment industry has been hacked. The software apparently tracks referrals from one website to another and determines how much each website owner is supposed to be paid based on those referrals. The breach allowed the attackers to obtain the subscriber lists of several adult websites. Those subscribers are now being spammed with targeted adult advertisements from competitor websites. The greatest quote from the article from the owner of several adult websites: “There’s a loss, in my opinion, of user confidence.”

Brett Edgar

Brett is a Founder and the Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

Twitter - More Posts