Archive

Posts Tagged ‘Privacy’

Smart Grid & Privacy

October 11, 2009 Leave a comment

Another MSNBC article Talking about how the avalanche of data expected to be generated by consumer smart homes can be used knowingly or unknowingly to reconstruct your daily/private life.

Utility companies, by gathering hundreds of billions of data points about us, could reconstruct much of our daily lives — when we wake up, when we go home, when we go on vacation, perhaps even when we draw a hot bath. They might sell this information to marketing companies — perhaps a travel agency will send brochures right when the family vacation is about to arrive. Law enforcement officials might use this information against us (“Where were you last night? Home watching TV? That’s not what the power company says … ”). Divorce lawyers could subpoena the data (“You say you’re a good parent, but your children are forced to sleep in 61-degree rooms. For shame …”). A credit bureau or insurance company could penalize you because your energy use patterns are similar to those of other troublesome consumers. Or criminals could spy the data, then plan home burglaries with fine-tuned accuracy.

The Full article can be read HERE

Keeping Cloud Computing Secure

May 17, 2009 Leave a comment

With this trend continuously on the rise ( Google Apps , Salesforce.com , PANDA’s Security Cloud Antivirus …etc) working in the cloud means that you are sharing your information and data with the service provider as well as other customers “might as well be competitors”, I’m not implying that your security and privacy are at risk but never the less a cloud computing user must be vigilant.

In Google Apps Terms of Service I came across the limitation of liabilities section (HERE) that basically states that ” Google disavow any warranty or any liability for harm that might result from Google’s negligence, recklessness, malevolent intent, or even purposeful disregard of existing legal obligations to protect the privacy and security of user data.” ..take a minute to think about it..then continue reading

A question rises and that is : Who checks the Security of the Cloud Providers ?

in recent weeks I read many articles discussing this issue and most of them agreed that a cloud computer user must consider the following:

– Encrypt the data

– Replicate the data

– Keep detailed Security logs

– Check the service compliance with SaaS 70 and/or HIPPA if you work with medical records.

– Check the SLAs particularly the provisions of Security/Privacy.

More about the topic can be found in the following articles:

– How to Keep Cloud Computing Secure (HERE)
– Who will check the security of cloud providers? (HERE)
– The Cloud Security Alliance (HERE)

PS: I have attached a decent security guide called (Security Guidance for Critical Areas of Focus in Cloud Computing ) produced by the Cloud Security Alliance.

Your Medical Records Worth 1.2 $

May 15, 2009 Leave a comment

The Virginia Prescription Monitoring Program’s website has been hacked, The hackers copied about 8.3 Million patient records and medical prescriptions then deleted the original and the backup copies.

The records stolen included : (name,age,address,social security #, driver’s license # ).

The hackers asked for (10m $) ransom and gave the government 7 days before selling the records to the highest bidder.

-In The Register / (HERE)

-In FOX News (HERE)

It continues to amaze me how the underground economy under-price huge DBs of personal medical records , Google is offering the Google Health service “where you can post/share your medical records with your doctor/pharmacy and family (HERE)for “Free” only in return for the right to generate stats out of our anonymized data as mentioned in the service Privacy Policy : “Google will use aggregate data to publish trend statistics and associations” – Complete policy (HERE).Its not a secret that those real world stats are of interest to many governments and/or corporates.

-Quick Notes-

The new US administration has identified Digitizing of the health/medical records as a priority to lower health costs and to improve health care.

Aneesh Chopra, Virginia’s Secretary of Technology, has been tipped to serve as the nation’s (CTO) chief technology officer. some people will ask him for explanations for sure. (My question would be–Where is the offsite backup ? )