Lura.net Blog
Lura's Blog Pg Lura's Blog Pg Lura's Blog Pg Lura's Blog Pg Lura's Blog Pg

Posts Labeled with ‘professional’

A Recent Clinton Admin PII Breach Affects Me!

I received notice that “The National Archives Records Administration (NARA) learned in late March 2009 that an external hard drive containing a copy of Clinton Administration Executive Office of the President data is missing from a NARA processing room… The hard drive includes files that contain personally identifying information (PII.)” Specifically, this hard drive includes HR information… and I used to work at the White House… so my information was compromised.

The brochure also says what NARA is doing about the situation:

  • “NARA’s Office of Inspector General, with the assistance of the US Secret Service, has launched a full-scale criminal investigation into this incident. NARA is offering a reward of up to $50,000 for information leading to the recovery of the missing hard drive.
  • NARA informed the US Computer Emergency Readiness Team of the Department of Homeland Security, the White House Counsel’s Office, staff of our House and Senate Oversight Committees, and a representative of former President Clinton.
  • NARA is sending notification letters to affected individuals and offering free credit monitoring services to help protect individuals from identity theft.
  • NARA is revising its internal policies and procedures to ensure maximum protection of electronic and textual records containing PII. NARA is also implementing stringent physical and technical safeguards in place to protect protect personal information and prevent this type of incident from occurring in the future. Other initiatives include annual and refresher training for our employees and contractors to ensure they are familiar with privacy rules, regulations and standard operating procedures aimed at reducing the risk of breaches of PII.”

This is all pretty interesting stuff for me. My thoughts:

  1. I currently specialize in IT Compliance, which includes designing, implementing, and testing controls for protecting PII. I now have a new anecdote for sales meetings!
  2. I am annoyed that it took so long to inform me. Four months?!?! There’s time for some serious Identity damage in that amount of time!
  3. I am not particularly concerned, since I took Identity Theft protection measures after my computer was stolen… so much of the work is done… I’ll take up NARA on the extra protections, but it is duplicative at this point.

Labels: , ,

 
Grandfathering In?

Getting grandfathered into a new certification program seems so civilized and professional, but to date I haven’t been eligible. Now, however I think that I am actually eligible for the new “CGEIT” certification backed by ISACA. It stands for “Certified in the Governance of Enterprise IT.”

Filling out the required paperwork will be no picnic, but it should be easier than sitting for another one of ISACA’s mind-bending exams (this is the certification body behind the CISA.) The bigger problem with getting grandfathered into the program is that it costs a pretty penny. So I’ll see if my work wants to pay for it, since I sure don’t.

Labels: ,

 


June 2000 / September 2000 / December 2000 / February 2001 / August 2001 / November 2001 / May 2002 / July 2002 / November 2002 / April 2003 / November 2004 / October 2005 / November 2005 / February 2006 / March 2006 / September 2006 / November 2006 / December 2006 / February 2007 / March 2007 / April 2007 / May 2007 / June 2007 / July 2007 / August 2007 / September 2007 / October 2007 / November 2007 / December 2007 / January 2008 / February 2008 / March 2008 / April 2008 / May 2008 / June 2008 / July 2008 / August 2008 / September 2008 / October 2008 / November 2008 / December 2008 / January 2009 / February 2009 / March 2009 / April 2009 / May 2009 / June 2009 / July 2009 / August 2009 / September 2009 / October 2009 / November 2009 / January 2010 / February 2010 / March 2010 / May 2010 / June 2010 / July 2010 / August 2010 / September 2010 / October 2010 / November 2010 / December 2010 / January 2011 / February 2011 / March 2011 / April 2011 / August 2011 / March 2013 / July 2013 /

 

Log in · RSS