Thursday, November 28, 2013

It looks like China has decided to let everyone know that their military build-up is complete. Now if all this chest thumping can be contained, we won't have a war. But then these are the folks who advise North Korea, so expect a few “regrettable incidents.” (Whatever it takes to make the evening news)
South Korea, Japan join U.S. in defying Chinese air defense zone
South Korean and Japanese flights through China's new maritime air defense zone added to the international defiance Thursday of rules Beijing says it has imposed in East China Sea but that neighbors and the U.S. have vowed to ignore.

(Related) Nice photo of what we call “a target.”
China's carrier group had 'innocent passage' through Taiwan Strait

Not large, but a bit slow on the notifications (and a bit vague elsewhere) Again, outsiders had to tell the college they had been breached.
Tim Gallen and Mike Sunnucks report:
The Maricopa County Community College District is notifying nearly 2.5 million students, former students, vendors and employees because their personal information may have been exposed in a security breach.
The Tempe-based college district announced today that it is contacting 2.49 million students, employees and suppliers that their information may have been exposed without authorization.
Sensitive information such as names, birth dates, Social Security numbers and bank account information was exposed, according to the district. MCCCD operates 10 community colleges and also has dual enrollment programs with local high schools.
However, MCCCD officials are not aware of any evidence of any misuses of personal information. [Can we agree failing to secure the data is misuse? Bob] Spokesman Tom Gariepy said students or others who worry about identity theft or other fraud can contact a credit services company the district has hired.
“While we are not aware of misuse of anyone’s personal information, we are providing resources to assist all of the people whose information was in these systems, including credit monitoring and other identity safeguards, managed by a nationally known identity protection firm,” said MCCCD Chancellor Rufus Glasper in a statement. “We are examining every aspect of our IT operations, and the changes underway are making us stronger system-wide.”
District officials learned of IT security issues in April this year and began investigating.
Read more on Phoenix Business Journal. In related coverage, KPHO reports that the college district learned of the breach from federal law enforcement on April 29. They also report that As names, dates of birth, Social Security numbers and bank account information – but not credit card information or health records – was exposed. Neither news source is clear about the nature of the breach.

The latest version of “inadequate and confusing?” The only rules I know of that you can fully comply with and apparently still be violation of...
Earlier this month, the Payment Card Industry Security Standards Council (PCI SSC) released Version 3.0 of the Payment Card Industry Data Security Standard (PCI DSS), which includes several enhanced security requirements that will affect how businesses protect payment card data in their systems. The updated standard calls upon businesses to take a more active role in security compliance. It also addresses several common vulnerabilities in the cardholder data environment, including weak passwords, fallible authentication methods, unpatched malware protection, and inadequate threat monitoring practices. The end result is a standard that gives businesses a clearer, yet more stringent, set of baseline requirements for protecting cardholder data. Compliance with Version 3.0 is required as of January 1, 2015, although some of the new requirements will not go into effect until July 1, 2015. Until then, they are recommended as best practices.
Read more on Hogan Lovells Chronicle of Data Protection.

When you need to understand a technology, MakeUseOf may have a Guide!
FREE EBOOK: The unofficial, beginner’s guide to tumblr

For my students, since some of them apparently can't study anywhere in Colorado... Actually list some good resources and tools.
Where To Study: Navigating The Free Online Education World

No comments: