Entries in Risk Assesment (7)

Wednesday
May012013

Have you read your EULA?

I am a big proponent of knowing what you agree to, and even then I do not read all the End User Licence Agreements (EULA) that I agree to (What is a EULA?).   Recently I stumbled across an article in Wired with excerpts / examples  from some current EULA's .  

 

Dear parents or legal guardians of ___________

As you may be aware, your daughter is one of ______ children in your neighborhood who recently applied for a jointly operated StreetApp® of the category “Lemonade Stand.”

As the owner / operator of the street on which you live, and on which this proposed app would operate, StreetBook is required by law to obtain parental consent. By clicking on the “yes” box at the bottom of this window, you acknowledge you are __________’s parent or legal guardian, and also agree to the following conditions:
1. A percentage of up to 30% of revenues will be kept by StreetBook.
[This clause reflects the revenue model established in app stores.]

2. You will submit lemonade recipes, your stand design, signage, and the clothing you will wear to StreetBook for approval. StreetBook can remove your stand at any time for noncompliance with our approval process.
[This provision is also inspired by the practices of app stores.]

 

3. All commerce, not limited to lemonade purchases, will be conducted through StreetBook. Customers must have StreetBook accounts even if they live on a street owned and operated by a StreetBook competitor. StreetBook will place a hold on all moneys in order to collect interest, and might place a longer hold if any party makes claims of fraud or activities that violate this agreement or any other residential use agreement.

[This provision is inspired by the business models of online payment services.]

4. A $100 annual fee must be paid to be a lemonade stand developer.

[This is again an example of following in the successful footsteps of app stores.]

Here is more detail, 

This EULA Will Make You Rethink Every App and Online Service You Use

Next time you sign up for a service, take a look at the End User Licence Agreement.

Wednesday
Apr242013

How much would you be willing to pay for your data?

I came across this posting on Reddit the other day.   I could go on about the value of a good back up, and laptop encryption, but I think that this letter says it all, 

Sunday
Mar312013

World Back Up Day!

You can never have enough reminders to back up your data, so yet another reminder, it's World Back Up Day!  Why World Back Up Day? Here it is straight from their site, 

 

"You might think your computer, phone or tablet is pretty reliable, but in reality, it's not. Everything (yes, everything) fails, and once it does, all the important information you've stored on that device can be destroyed. In fact, it's not a question of if a piece of technology will fail - it's when.

More than 60 million computers will fail worldwide in 2013. Only 1 in 4 people back up their information regularly - that's roughly 45 million times this year where files will be lost forever. Even worse - 113 cell phones are lost or stolen every minute in the United States alone. That's hundreds of photos, conversations, calendars and more, gone in an instant.

It's important to be ready. That's why we created World Backup Day - to show you how to prepare for the inevitable. We'll help you to devise a plan to store your precious memories and information in a safe location. Because there's nothing worse than losing something important to you."
As discussed in my previous blog posts, I suggest iDrive for a remote back up system.   I use it myself and have been very happy with the results.   

 

Monday
Feb112013

Recycling or selling a old device, make sure that your information is off it

With the ever increasing pace of technological advancement, the question of what to do with old devices is brought up.  Many clients I work with are not aware of the risks of selling or recycling an old device without being 100% sure all personal information is off it.  Cell and smart phones, tablets, laptops, and computers all carry personal information of one sort or another, even deleting this information may not make it inaccessible.   Check out the story below, 

Best case scenario a TV station does a news report on the computer that they purchased from you, worst case might be this, 

Collaboration Lab provides several solutions to address removal and / or destruction of personal information off of your electronic device.  Don't risk the chance of your personal information being used, distributed, and exploited, contact us today.

Thursday
Feb072013

Red Team USA Cyber Security Workshop for Lawyers

"Law firms are a very attractive target for cyber attacks by anyone seeking sensitive information," says Bradford A. Bleier, Unit Chief, Cyber National Security Section, FBI Cyber Division.

Today, Every Law Practice is “A Cyber Security Risk.” High Costs Can Result From Failure To Implement The Recent ABA Client Confidentiality Rules & Cyber Data Protection.

Today’s Cyber Criminal designs programs to attack and steal from specific business types. Law Firms are no exception, in fact, they are prime targets for a Cyber Security attack.

Data breaches, privacy infringements, and theft of intellectual property or other sensitive organizational data come at a tremendous cost. Some government reports estimate that cyber breaches cost the U.S. economy over $1 trillion annually. Businesses that are victimized by Cyber Intrusions risk significant liability in fines, penalties, and damages.

This workshop examines the potential legal liability for data breaches and not implementing state-of-the-art cyber security protection:

- In today's world what are "reasonable" efforts when it comes to preventing disclosure or access to client information.

- Do I notify all my clients that we've had a security breach of our network?

- One of our associates loses his USB thumbdrive - does that constitute a security breach?


Discussions: Are you using Cloud services or thinking about it? Do you use mobile devices? Who has access to your network? Do you and your clients send sensitive attorney-client privileged information back and forth over regular email? Do you know how easy it can be compromised? What are your ethical and legal duties to protect client-confidentiality when using technology?

 

Presenter: David Willson

JD, CISSP, Security+

Titan Info Security Group

(A Cyber Security Law Firm)

What You'll Learn:

- Overview of threats and vulnerabilities to data in 2013

- Ethics Rules for Lawyers and the Use Of Technology - Rule 1.6 (c)

- When does a breach of security fall under CRS 6-1-716

- How data is lost or stolen

- How to better protect client confidentiality and sensitive

- Ethics: 1 CLE hour

- Cyber Security General Education: 1 CLE hour

 

Presenter: Nick Krut

MSEE, CNE, CSSA

Cyber Security Scientist

Red Team USA

(A Cyber Security Firm)

CLE Cyber Security for Legal Professionals:

Join us for our Lunch & Learn Workshop February 12th

Presented by the Red Team USA Advisor Group

Click Here to Register February 12 - Limited Seating


Where: Red Team USA Conference rooms

4155 E. Jewell Ave, Denver 80222

When: Feb12, 11:00 – 1:00

Price: $75

Lite Lunch is served along with water, tea & coffee

Click Here to Register February 12 - Limited Seating