Chicago-based law firm responds to report of NSA spying

Chicago-based law firm Mayer Brown says there is "no indication" that any spying occurred "at their firm" in regard to NSA spying and surveillance.

Mayer Brown, the Chicago-based law firm cited in a weekend report about National Security Administration spying, has issued a statement that stops short of an outright denial that its communications were under surveillance but says there is no indication that any spying occurred at the firm.

Citing a February 2013 document obtained by former NSA contractor Edward Snowden, the New York Times on Sunday reported that the NSA was notified that the Australian Signals Directorate, its Australian government counterpart, was conducting surveillance of trade talks, including communications between Indonesian officials and an American law firm that the Indonesians had retained for help in the trade talks.

According to the document, the NSA was alerted by the Australian agency that information covered by attorney-client privilege may be included in the surveillance, but that after consulting with the NSA counsel's office, the Australians were able to continue to cover the talks, providing highly useful intelligence for interested U.S. customers.

The document did not identify the law firm, but Mayer Brown was advising the Indonesian government at the time, according to the New York Times. Records filed with the U.S. Senate indicate that the firm lobbied in 2012 on behalf of the Specialty Tobacco Council in Winston-Salem, N.C., and the Indonesian clove cigarette maker P.T. Djarum.

Responding to the report, Mayer Brown said in a statement late Sunday night: "There is no indication, either in the media reports or from our internal systems and controls, that the alleged surveillance occurred at the firm."

Asked by the Tribune whether the firm was saying that there was no evidence of spying at the firm, or that there was no evidence of spying of the firm, a Mayer Brown spokesman responded: "At the firm."

The Mayer Brown statement also said, "Nor has there been any suggestion that Mayer Brown was in any way the subject of the alleged scrutiny. Mayer Brown takes data protection and privacy very seriously, and we invest significant resources to keep client information secure."

The issue of who was the subject or target of the surveillance may be important because the NSA is not allowed to target Americans for warrantless surveillance, but it can intercept communications between Americans and foreign intelligence targets abroad, including attorney-client conversations.

The NSA would not comment specifically on the case, but said that the intelligence agency has procedures in place to protect the privacy of Americans.


AlertBoot’s New HIPAA Encryption With Integrated Reporting Gaining Traction With Assisted Living Facilities

Las Vegas, Nevada (PRWEB) February 18, 2014

AlertBoot, a leading provider of mobile device management and managed full disk encryption services, has successfully contracted with various nursing homes across the US to provide them with an easy way to encrypt laptops and protect smart phones in the workplace.

The increased interest in encryption software by assisted living facilities arises due to heightened HIPAA data security and privacy requirements. The increased attention in AlertBoot comes from newly integrated HIPAA compliance reports as well as the simple and easy approach to digital device security using AlertBoot's cloud-based deployment and installation.

"People working in nursing homes have an extra set of challenges when it comes to HIPAA," noted Tim Maliyil, founder and CEO of AlertBoot. "For example, nurses working in such environments must be vigilant on how they respond to the simplest of questions, as their answers may inadvertently reveal patients' protected health information. This is in addition to their duties as healthcare professionals. Their job description and working hours leaves them very little room for becoming field experts on computer data security. The same goes for administrators, doctors, and other personnel who assist seniors."

HIPAA data security requirements can be complex and cover a wide range of activities. When it comes to laptop computers, HIPAA specifically defers to NIST (the National Institute of Standards and Technology) on the technical aspects of encryption software. NIST guidelines for good, strong encryption generally boil down to this:

(1) Use AES encryption if possible, (2) Ensure that the encryption key strength is AES-128 or stronger, (3) Ensure encryption keys are backed up and kept in a secure manner.

In addition, it is recommended that HIPAA covered entities employ encryption software that has received FIPS 140-2 validation. A FIPS certificate is only granted after NIST has tested the solution, ensuring that the encryption software complies with NIST guidelines. Situations where an encryption solution fails NIST scrutiny are not unheard of, and a FIPS certificate prevents such unforeseen risks.

In the event that a particular solution turns out to be non-compliant, the covered entity will not be able to partake in one of the well-known advantages of using encryption as a HIPAA compliance measure: the safe harbor one gains from the Breach Notification Rule.

Gaining safe harbor requires more than adherence to technical specifications, however. A covered entity must be able to demonstrate, via documentation, the use of encryption, which can be problematic for stand-alone encryption software.

AlertBoot resolves this problem via its web-based console which doubles as a central server that can log and track a device's encryption status from the beginning. Traditional solutions require a separate management server that is managed by a technician. Unlike the AlertBoot model, such a server is an extra cost that is not already priced into the license cost.


Open Source in the Enterprise: To Pay or Not to Pay?

The more mission-critical the open source software, the more necessary it is to acquire paid support, suggested Suse's Gerald Pfeifer. "Individual users will often tough out solving problems through community help forums, but SMB owners and enterprise users more likely will opt for paid support rather than devoting internal resources to support open source software," he added.

This story was originally published on Nov. 5, 2013, and is brought to you today as part of our Best of ECT News series.

One of the big attractions behind the growing popularity of open source software is the ability to get it and use it for free. In a world of ever-rising costs in pretty much every other aspect of business and life, "free" is an offer that's increasingly difficult to refuse.

Support is one area, however, where "free" may not be all it seems -- particularly for enterprises.

Users of free software typically rely on the generally sizable community of users and developers for help if questions arise. That support can be excellent, and many users swear by it. At the enterprise level, however, it's worth considering more closely -- particularly when many users are involved and the software is mission-critical.

In addition to offering their software for free, most of the big enterprise Linux operating systems and numerous popular applications give users a choice of paying for support from the developers themselves. In some cases, a software developer may even sell a more feature-rich commercial version.

So when does it make sense to spend the extra money? There's no one formula to provide an answer to that common question, but numerous key factors can help you decide.

One potential variable in relying on free community support is the character of the community. Just as open source version options are different, so are open source communities.

"Open source communities can be like a box of chocolates in that the flavors are not always what you expect them to be," Gerald Pfeifer, senior director for product management and operations at Suse, told LinuxInsider.

An enterprise's own in-house staff, of course, will also play a key role.


Open source startups: Don’t try to be Red Hat

Feb 17, 2014, 11:00

None of these companies sell software; they don't even sell platforms. Rather, each has built a business that's powered by open source software, and each has gone on to create new projects that developers all over the world want to use. Those developers don't compete with them. Rather, they have a vested interest in the code they are using, so they fix bugs and develop features.

When smart developers do that, they realize that contributing back to the original project makes more sense than sustaining a fork of the code themselves. Thus, they contribute. Some model this as a "gift economy" -- and there's no doubt that a sense of community is important for open source developers. But fundamentally this is about self-interest and making sure the code ends up in a place where the most people will be motivated to use and maintain it.
