Thursday, January 15, 2015
“We have met the enemy and he is us. So that means what we did was Okay!” (Apologies to Walt Kelly) Why would the CIA investigate domestic security breaches?
In a break with its former inspector general and overseers on Capitol Hill, a CIA accountability board has determined that agency officials did not wrongly spy on the Senate early last year.
Instead, the board — which was tapped to intervene in an escalating standoff between the CIA and the Senate Intelligence Committee last summer — determined that the spy agency staffers were in the right to access Senate files on a shared network after believing that a security breach may have occurred.
Senate staffers “were or should have been aware” that the agency occasionally monitored their use of the network, the board said in a 38-page report released on Wednesday, because of previous “discoveries of [committee] staffers’ misconduct” on the system.
Will I be forced to be social? (Note that your employer creates your page and all changes must go through HR)
Facebook is doing everything it can to monopolize your time online, ramping up efforts in video, messaging, and news, among other media. Now it’s unveiling a whole new portal that officially acknowledges what you already do anyway: spend all your time at work on Facebook. Called Facebook at Work, the service announced on Wednesday works pretty much just like regular Facebook, except you use it to connect to colleagues who may or may not be friends. Most important of all, the color scheme is different, [Wow! Bob] which lets your boss looking over your shoulder know that, even though you’re on Facebook, you’re still “working.”
For now, Facebook says it’s making Facebook at Work available to a handful of partners, who will be testing the product ahead of its full-blown launch, tentatively slated for later this year. Facebook itself says it’s been using Facebook at Work internally for years.
“We have found that using Facebook as a work tool makes our work day more efficient,” Lars Rasmussen, Facebook’s director of engineering, tells WIRED. “You can get more stuff done with Facebook than any other tool that we know of, and we’d like to make that available to the whole world.”
The Internet of “Things You Really, Really Hate!” Is the “average driver” a safe driver? Will this “feature” urge me to drive like the “average driver?”
… General Motors' OnStar division is announcing today that it's launching a "driver assessment" program in cars that will track how well drivers drive — hard braking, hard acceleration, and so on — and offer detailed feedback after collecting 90 days' worth of data. Afterward, they'll have the option of forwarding the data on to Progressive as part of its Snapshot insurance discount program, where you can get discounted insurance rates for driving well. (Progressive already offers a hardware dongle that can plug into existing cars to accomplish the same function.)
Privacy is a big concern here: although GM says that control of the system "is in the hands of the customer," it only notes that drivers control whether they receive an assessment. The company is using anonymized driving data to compare participating drivers to national averages — do you drive better or worse than the average driver?
Timely question since I'm having my students write their own textbook this quarter.
Openness and Ownership: Who Owns School Work?
Many districts already have in place policies that claim copyright over employees’ work — particularly if it is done while at work or on work-issued equipment. But the Prince George’s County measure would have gone farther by saying that all work, done on one’s own time or on one’s own devices, was owned by the district. Furthermore, it took the usual step to claim copyright over students’ work.
No surprise, the policy was put on hold after public outcry over the move and questions about its legality (after all, students, unlike teachers, are not school employees).
Are you a slave of your smartphone? (Undue reliance) This should give my Ethical Hackers some interesting (evil) ideas!
Australians Wake Up An Hour Early
And finally, Australians living in Queensland were rudely awoken an hour earlier than usual when their smartphones were mistakenly changed to daylight savings time. This led to some bleary-eyed commuters actually turning up for work an hour before they were due to begin for the day.
Both Virgin Mobile and Optus sent out the automatic update to their customers’ phones, despite Queensland having opted out of switching back and forth between daylight savings time as long ago as 1972. Both networks blamed a network glitch, and apologized for the trouble it caused.
For my students in many classes.
Getting Employee Security Awareness Training Right
Time after time, attackers seem to find ways to get users to open an attachment.
Throwing technology at this is one way to address the issue. Another is through security awareness training – but depending on who is being asked, that may be either a panacea or an undersized Band-Aid. Training employees right, experts said, takes a mix of clearly-defined goals, executive support and understanding of employees' roles and the target audience.
"The number one problem in the typical security awareness program is a lack of well-defined, measurable objectives for the program," said Gartner analyst Andrew Walls. "Well-defined objectives enable the design, development/acquisition of effective security education and training that produces measurable improvements in security."
In general, Walls said, there are four types of objectives in security awareness programs:
disciplinary baselines meant to establish justification for disciplinary actions when an employee breaks policy;
establishing, diminishing or maintaining certain behaviors and the development of knowledge among employees in regards to security and
For my Data Management students? Is this a tool we could use?
Private Equity firm Acquires Identity Finder
… Identity Finder, LLC software helps organizations discover and protect sensitive data such as personal information, medical records, credit card accounts, and intellectual property stored across the enterprise and the cloud.
For my students. Is this sufficient?
DoD Cloud Computing Security Requirements Guide
Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG). Version 1, Release 1. 12 January 2015 Developed by the Defense Information Systems Agency (DISA) for the Department of Defense (DoD).
“Cloud computing technology and services provide the Department of Defense (DoD) with the opportunity to deploy an Enterprise Cloud Environment aligned with Federal Department-wide Information Technology (IT) strategies and efficiency initiatives, including federal data center consolidation. Cloud computing enables the Department to consolidate infrastructure, leverage commodity IT functions, and eliminate functional redundancies while improving continuity of operations. The overall success of these initiatives depends upon well executed security requirements, defined and understood by both DoD Components and industry. Consistent implementation and operation of these requirements assures mission execution, provides sensitive data protection, increases mission effectiveness, and ultimately results in the outcomes and operational efficiencies the DoD seeks.”
I'll ask my students if I should use this.
Google Launches Google Classroom Mobile Apps
Just a few hours ago Google announced the launch of Google Classroom mobile apps for students. The new Google Classroom iOS and Android apps enable students to take pictures and attach them to the assignments that they submit to you. This could be a great option for math students who have trouble typing responses to mathematics problems as they now can write on paper and submit assignments to you by taking a picture of their papers.
The Google Classroom iOS and Android apps allow students to share material from other mobile apps like Docs and Gmail.
Today, Google also announced new desktop features for teachers. You can now archive your classes when you're done with them at the end of a semester or school year. Archived classes will become "read only" so you and your students can still go back and look at the content, but not change the content. The other new desktop feature is a new teacher assignments page where you can see all of your students' assignments and mark assignments as reviewed.
My researching students might like this.
RefME Helps Students Create Bibliographies
… The free RefME iPad and Android apps enable students to scan the barcode on a book, periodical, CD cases, and many other media cases to have a citation formatted for that item. RefME provides more than 6,500 citation and bibliography formats for students to use. If your students don't have an iPad or Android device, they can still take advantage of RefME's service by simply logging into the website and performing a search for the book, periodical, or website that they need to cite. If RefME finds the item, a citation will be created that students can import into their accounts.
… After creating a RefME account students create their first projects in RefME. A project is essentially a folder for the citations that students are going to create for a paper. Students select a project name then add a reference to it by scanning the barcode on a book or periodical. When they have finished scanning all of their references (they can also add references manually) students can export their lists of citations to Evernote, email the list, or create a Word document of citations on the RefME website.