Sarbanes Oxley and HIPAA are big security driving entities.
From: Scott Ford
To: IBM-MAIN@bama.ua.edu
Sent: Monday, August 1, 2011 10:05 AM
Subject: Re: disclosing "business" information on the internet
I see several folks talking about the risk in social engineering, what are the
an issue ?
Scott J Ford
Software Engineer
http://www.identityforge.com
From: Bill Johnson
To: IBM-MAIN@bama.ua.edu
Sent: Thursday, July 28, 2011 3:14 PM
Subject: Re: disclosing "business" information on the internet
In our shop, we can't even use our work email address to s
In <1311897956.32913.yahoomailclas...@web31808.mail.mud.yahoo.com>, on
07/28/2011
at 05:05 PM, Cris Hernandez #9 said:
>well, I use my personal email address and not my work email (I
>seriously don't understand how anyone can deal with 50-100 blog
>emails at work daily),
Blog?
40-100 e-mails
In <4e315430.6f0f.008...@efirstbank.com>, on 07/28/2011
at 12:20 PM, Frank Swarbrick said:
>Are these concerns justified or just paranoia?
Yes. It sounds paranoid, but there is at least a theoretical
possibility of social engineering by giving you as a reference for a
scam. Most of the victim
two more thoughts from the mainframe security guy's point of view...
1) word is out that the mvs mainframe has never been hacked and no mainframe
security guy wants to be the first to have their system compromised. strong
motivation to keep the troops in line and not buy into any notions of
in
ng for to be in the ESP of 3390's.
At some point in time I did have a tie line directory and found some other long
lost IBM friends.
Ed
From: Anne & Lynn Wheeler
To: IBM-MAIN@bama.ua.edu
Sent: Friday, July 29, 2011 9:23 AM
Subject: Re: disclosi
way wrote:
> From: Steve Conway
> Subject: Re: disclosing "business" information on the internet
> To: IBM-MAIN@bama.ua.edu
> Date: Friday, July 29, 2011, 9:07 AM
> Ken makes an excellent point.
> In my opinion, this still falls into the
> category of "I don&#
steve_con...@ao.uscourts.gov (Steve Conway) writes:
> From a security standpoint, the less you expose to the outside world, the
> better. Join a few security newsgroups / mailing lists, and see what
> (justified) paranoia REALLY looks like.
we were tangentially involved with the cal. state data
eamacn...@yahoo.ca (Ted MacNEIL) writes:
> Recently, I worked at a shop where our VP told us we must have all
> that info in our signature block -- quite the opposite!
a group of us were the first to have business cards made up with our
internal newtwork email address (as well as arpanet email add
rfocht...@ync.net (Rick Fochtman) writes:
> My two cents' worth: that auditor needs to find a more challenging
> shop. He's "nit-picking" on trivia and showing just how paranoid he
> really is. Too much time on his hands.
one of the biggest challenges when we started doing the (internal)
online te
Subject: Re: disclosing "business" information on the internet
Sent by:IBM Mainframe Discussion List
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Steve Conway
>
> From a security standpoint, the less you expose to t
AIN@bama.ua.edu] On Behalf Of
Steve Conway
Sent: Friday, July 29, 2011 9:08 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: [IBM-MAIN] disclosing "business" information on the internet
Ken makes an excellent point. In my opinion, this still falls into the
category of "I don't ne
e_con...@ao.uscourts.gov
From: Ted MacNEIL
To: IBM-MAIN@bama.ua.edu
Date: 07/28/2011 04:28 PM
Subject: Re: disclosing "business" information on the internet
Sent by:IBM Mainframe Discussion List
>I like posting this information because I've received useful contacts
re that gets exposed, the
better.
Cheers,,,Steve
Steven F. Conway, CISSP
LA Systems
z/OS Systems Support
Phone: 703.295.1926
steve_con...@ao.uscourts.gov
From: Ken Hume IBM
To: IBM-MAIN@bama.ua.edu
Date: 07/28/2011 03:50 PM
Subject: Re: disclosing "business" infor
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Steve Conway
>
> From a security standpoint, the less you expose to the outside world,
the
> better. Join a few security newsgroups / mailing lists, and see what
> (justified) paranoia REALLY looks like.
>
> [ snip ]
owing local practices, until told otherwise.
Cheers,,,Steve
Steven F. Conway, CISSP
LA Systems
z/OS Systems Support
Phone: 703.295.1926
steve_con...@ao.uscourts.gov
From: Frank Swarbrick
To: IBM-MAIN@bama.ua.edu
Date: 07/28/2011 02:26 PM
Subject:disclosing "business" info
M
To: IBM-MAIN@bama.ua.edu
Sent: Thu, July 28, 2011 3:48:18 PM
Subject: Re: disclosing "business" information on the internet
Frank,
>From your website
"FirstBank has a full-time software developer position available for a .NET
software developer. Responsibilities include a
s, I work in security...
--- On Thu, 7/28/11, Frank Swarbrick wrote:
> From: Frank Swarbrick
> Subject: disclosing "business" information on the internet
> To: IBM-MAIN@bama.ua.edu
> Date: Thursday, July 28, 2011, 2:20 PM
> Here's something that I think may be
>
On Thu, 28 Jul 2011 20:26:42 +, Ted MacNEIL wrote:
>>I like posting this information because I've received useful contacts and
>>information based on it.
>>I'm curious what policies other businesses
>have.
>
>Recently, I worked at a shop where our VP told us we must have all that info
>in o
On 7/28/2011 2:20 PM, Frank Swarbrick wrote:
Our information security officer sent the following to my
manager: "The content Frank is positing does not appear to
be specific to our environment. However, I am concern by the
fact he posts his position, where he works, and phone number.
This creat
>I like posting this information because I've received useful contacts and
>information based on it.
>I'm curious what policies other businesses
have.
Recently, I worked at a shop where our VP told us we must have all that info in
our signature block -- quite the opposite!
-
Ted MacNEIL
eamacn.
-
Here's something that I think may be of general interest.
Our information security officer sent the following to my manager: "The
content Frank is positing does not appear to be specific to our
environment. However, I am concern
Frank,
From your website
"FirstBank has a full-time software developer position available for a
.NET software developer. Responsibilities include analysis, design,
coding, and testing of new multi-tier applications as well as enhancing
existing applications in a team environment.
Applic
Steve Comstock wrote:
On 7/28/2011 12:47 PM, Hal Merritt wrote:
IMNSHO, the risk is real. There are some reports that very
carefully crafted personalized attacks are growing in number
and are enjoying some success.
H. Maybe so. Can you give an example of what "personalized
attack" would be
tention to yourself and your company.
Just ask yourself, do you want to draw that kind of attention to yourself?
>
>
>
> From: Frank Swarbrick
> To: IBM-MAIN@bama.ua.edu
> Sent: Thursday, July 28, 2011 2:20 PM
> Subject: disclosing "bus
In our shop, we can't even use our work email address to subscribe to the
listserv, emails from it are blocked.
From: Frank Swarbrick
To: IBM-MAIN@bama.ua.edu
Sent: Thursday, July 28, 2011 2:20 PM
Subject: disclosing "business" information
lly in the context of ibm-main and
similar lists / listsrvs.
My $0.02
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of
Frank Swarbrick
Sent: Thursday, July 28, 2011 1:20 PM
To: IBM-MAIN@bama.ua.edu
Subject: disclosing "business"
1) paranoia. I would ask what specific security exposure is he trying to
obfuscate/mitigate?
His concern appears to center around social engineering?
He defeats his own argument by " The content Frank is positing does not
appear to be specific to our environment..." This statement seems (to
me)
: Thursday, July 28, 2011 1:20 PM
To: IBM-MAIN@bama.ua.edu
Subject: disclosing "business" information on the internet
Here's something that I think may be of general interest.
Our information security officer sent the following to my manager: "The
content Frank is positing d
On 7/28/2011 12:20 PM, Frank Swarbrick wrote:
Here's something that I think may be of general interest.
Our information security officer sent the following to my manager:
"The content Frank is positing does not appear to be specific to our
environment. However, I am concern by the fact he posts
Frank,
It is not necessarily paranoia. Some businesses prefer a tighter control
over content than others. Many years ago I worked for a bank. We had a
wonder USS10 Sign on screen (hand written 3270 Program). Then one day on
60-Minutes there was a segment on a business that got hacked. They w
Here's something that I think may be of general interest.
Our information security officer sent the following to my manager: "The
content Frank is positing does not appear to be specific to our environment.
However, I am concern by the fact he posts his position, where he works, and
phone num
32 matches
Mail list logo
