Tag Archives: dumpster diving

by | February 1, 2010 · 6:15 am

Why a Wastebasket Audit?

Most auditors and security analysts have never performed a wastebasket audit. Why do a trashcan audit?

Continue reading

12 Comments

Filed under Audit, How to..., Security

Tagged as , , , , , , , , , , , , ,

by | December 30, 2009 · 11:14 pm

What Needs to be on a GOOJ Card?

If you probe networks, systems, and applications, you need a GOOJ card to protect yourself and your job.

In How to Stay Out of Jail, I recommended that anyone who scans, probes, or pokes networks, systems, or devices should always carry a get-out-of-jail (GOOJ) card. I also provided some reasons why such a card is critical.

Continue reading

9 Comments

Filed under Audit, How to..., Security, Technology

Tagged as , , , , , , , , , , , , , , , , , , , , , , ,

by | December 28, 2009 · 10:56 pm

How to Stay Out of Jail

If you work in information security or IT audit (and I don’t mean IT SOX audit), I’d advise you to carry a “get-out-of-jail” (GOOJ) card at all times. In short, get permission before you do your dirty work.

Continue reading

4 Comments

Filed under Audit, Security

Tagged as , , , , , , , , , , ,

by | July 30, 2009 · 10:25 pm

Security Awareness Perfect 7

Audry Agle, a former CISO, offers 7 practical ideas for increasing security awareness below. I’ve summarized some of the points and added comments of my own in italics:

1. Appeal to personal lives – Helping people deal with security issues at home tells them you care about THEM, not just company systems and data.

Continue reading

Leave a comment

Filed under Security

Tagged as , , , , , , , , , , , , , , ,

by | March 15, 2009 · 10:22 pm

Another One’s Treasure

Is it really true that one person’s trash is another person’s cash or treasure? It depends. When was the last time a trash can near you contained anything like this?

Continue reading

1 Comment

Filed under Security, Security Scope, Written by Skyyler

Tagged as , , , , , , , , , , , , , , , , ,