Wednesday, June 28, 2006

It’s 10:00PM, Do you Know What Your Data is Doing?

Your Data - Your Choice - Your Security


There is almost not a day that goes by that we don’t hear about a Government Agency, Corporation or other entity losing a device with private data. Most, if not all of this data is confidential and should never be on a non-encrypted or non-secure portable disk, however this is the world in which we live. Data Analysts need to take their work home. Business Managers need customer and sales data for planning, forecasting and business modeling. Even on a personal level, we often need to transport files from PC to PC or synchronize data amongst mutliple platforms - laptop, desktop, etc.


Your data is valuable. Your data is in demand. Your private data is everywhere.


From the purchases you made using the “Club Card” at the local supermarket to the last oil change you had done at the SuperCenter, the plane ticket you bought online, and even the last pizza you ordered from the national chain. little pieces of your life are recorded, quantified and analyzed. It’s a process called “Data Mining”. Data Mining is used to establish probability grids and forecasting future events based upon known factors and analyzing trends within the data.


For instance, if you own a coffee shop and you know that customer X buys an average 6 Drinks a week for the last 3 months, but now they are only consuming 1 or 2, wouldn’t you as a business owner want to know why? Maybe Customer X found a new coffee shop or has changed his patterns based upon a new job, commuting route, lifestyle change, or other event. Maybe the change co-incided with a change in staff that didn’t have the same training on making the product in the way the customer was used to.


Likewise, if you managed the local supermarket and knew that your “Club Card” members buy 1000 boxes of a toasty flakes during certain periods of the year and you are forecasting purchasing decisions for products that are perishable you would probably look at the data over time to establish trends and develop a probability scale for the sell-through of an upcoming promotion.


Similarly, health care providers, insurance companies and employers can analyze the usage of drugs to treat disease, alternate treatment options, patient recovery rates, patient satisfaction and other factors to formulate new and streamlined treatment methods, reduce or contain costs.


By anayzing trends in the data and looking at your own business model, you can determine pretty accurately what is going on and make changes to your buying patterns, advertising, promotion, training, product offering or customer service to improve the efficiency and profitability of your operations and retain a loyal customer base.


There are several basic kinds of data and for the purposes of this article we will only touch on a few - Personal, Empirical, Aggregate and Summary Data. Each has its own value both to the person that gives up the data and the person that is using the data.


The most valuable one for all parties is Personal Data. This includes information such as your name, address, credit card, ID number, email address, medical records, receipts, bills, income, expenses, spending habits and other uniquely identifiable data. Personal Data is highly prized by commercial and government eliments because it can be used to increase profitability, streamline operations, quantify habits, establish patterns and make unique predictions about individuals and how they live. With this information you can specifically market to an individual or group and offer a product or program that meets a specific need. The Criminal element loves this data too because it is rich with personally identifiable information and can be used to open fraudulent bank accounts, credit card accounts or use the data in other ways in Idenity Theft schemes.


The second type of data is Empirical Data - this is data that is gained through observation or recording of events without personal involvement of the individual in providing the data. An example of this would be sitting outside of a competitors store and counting the number of individuals entering or leaving with purchases over time or viewing other events as they occur and recording the results.


Combining Personal and/or Empirical Data in a group (or Data Set) we get Aggregate Data or Summary Data. Aggregate Data is simply ALL of the data generally segmented by individuals or groups whereas summary data is generally only a small subset or group of the data rolled-up into summarized form. Aggregate Data is used by data miners to search for specific anomolies within trends, changes in specific groups patterns, quantifying individual customer value, or other data that requires the entire data set to model against. Summary Data is generally only a small subset of the aggregate and is used for planning, simple modeling and other general research.




No matter what business you are in, it is all about the Data. Your Data. Exactly how much of this data you are willing to give is up to you, but some, if not most of it can be gleaned through empirical means and recorded or worse yet, purchased from Data Mining Companies without your expressed consent or knowledge.


Some privacy advocates decry this as an Orwellian threat, however there are some things that you can do to protect yourself and there are substanial laws already on the books and financial industry guidelines to protect individual data.


Government regulations including HIPAA (Health Insurance Portability and Accountability Act) and other Federal, State and Local laws regulate the secure access to ANY individually identifiable data held by Healthcare Professionals, Employers, Banks, Financial Institutions, Brokerage Houses, and just about every other type of entity that stores or uses this data. There are heavy financial penalties and JAIL time involved for breaches of these offenses (or so we are told). Yet NO ONE is holding any person or organization accountable for their rampant stupidity, ignorance of the laws and incompetence.


Visa for example has had the CISP (Cardholder Information Security Program) since June of 2001 that requires that merchants:



  • Build and Maintain a Secure Network

  • Protect Cardholder Data (Including Transmission and Storage Encryption)

  • Maintain a Vulnerability Management Program (Test their networks for intrusion)

  • Implement Strong Access Control Measures (Including Restricing Physical Access To Cardholder Data)

  • Maintain an Information Storage Policy that complies with secure storage and access to customer data.

Newer and more stringent guidelines from Visa and other card processing companies include that NO individually identifiable card numbers are left on unencrypted systems and that individually identifiable data is protected from breaches in security.


So when Hotels.com lost the customer and credit card information for customers that purchased through their website from 2002, 2003, 2004 and 2005 that was stored and left in an automobile on a laptop with a non-encrypted hard drive by an Ernst & Young employee, it was in clear violation of their agreement with Visa. It also was a clear violation of the law. At the very least the data should have been encrypted and protected by strong password security, but evidently it wasn’t.


Again, when Marriott lost the same type of data in January 2006 from customers of its time-share division, they simply gave customers a phone number and web address to “find out more information”. Worse yet, IBM lost an un-encrypted hard drive with the personal data including BANK ACCOUNT information of 180,000 of their clients. Yet no one is holding these companies accountable for serious breaches in security, lapses in judgement and just downright stupidity with regard to their stewardship of client data. Here are a few more Gems from just the last few months:



Enough Already - SECURE YOUR DATA. Secure your Customers Data. This stuff is out there, it is valuable. The devices are disposable but the data isn’t.


Today, iQBio, Inc. is announcing the latest in our secure storage series of products that incorporates AES Encryption and Fingerprint Recognition to secure Portable Data. Introducing the iQBioDrive - a 100GB external hard drive that encrypts and secures your data using your fingerprint. Read about this product and don’t take chances with your data.



Monday, June 26, 2006

Another Data Breach - The madness continues...

U.S. Navy: Data Breach Affects 28,000

Five spreadsheet files with personal data on approximately 28,000 sailors and family members were found on an open Web site, the U.S. Navy announced June 23.

The personal data included the name, birth date and social security number on several Navy members and dependents. The Navy said it was notified on June 22 of the breach and is working to identify and notify the individuals affected."There is no evidence that any of the data has been used illegally. However, individuals are encouraged to carefully monitor their bank accounts, credit card accounts and other financial transactions," the Navy said in a statement.

It said individuals affected by the breach will be contacted soon to ensure they have information on how to guard against identity theft. Information on how to watch for suspicious activity on personal accounts has been posted on the NPC (Navy Personnel Command) Web site.

The files have been removed from the site, and Navy's chief of personnel is working with the law enforcement to determine how and when the files were placed on the Web and prevent future release of information of this type, the statement said.

The U.S. Navy becomes the third government department to confirm data loss through computer theft or server compromise. Earlier this week, the Agriculture department said about 26,000 of its employees and contractors could be at risk of identity theft after a hacker broke into its computer system.

A laptop stolen from a government employee in Maryland in May also exposed personal data on about 26.5 million veterans and current military troops.

Source - Ryan Naraine www.eweek.com

Wednesday, June 14, 2006

The security of our troops, the integrity of their personal data and the ability to communicate with their family and friends in a a secure manner is the purpose of the Every Soldier Online Program. ASG's ClipBio™ Pro has everything that a Soldier needs to create, store, send and receive documents, emails, and other correspondence using ANY public computer without leaving a trace of their documents on the host PC - and all secured on their ClipBio™ Pro with their fingerprint.

Freeland, WA (PRWEB) June 15, 2006 -- The Every Soldier Online (www.everysoldieronline.com) initiative is designed to provide all US Service Men and Women with a BioCert® ClipBio™ Pro 1GB Portable Flash Drive for their personal use while overseas at a dramatically discounted price.

Artemis Solutions Group (ASG) and iQBio, Inc. Announce the Every Soldier Online Program to Benefit Troops and Their Families Using the ClipBio™ Pro Portable Flash Drive
"We believe that every single US Soldier should carry with them a BioCert ClipBio™ Pro 1GB Portable Flash Drive.
clipbioproSMWEB.jpg

The ClipBio™ Pro is a fingerprint secure flash memory disk that an enrolled user can take directly to ANY PC and use their personal email, pictures, files, folders and other items stored on the flash drive without carrying a bulky computer or laptop or in having their personal security violated by the loss of the ClipBio Pro.

Each ClipBio Pro is protected by 128Bit AES encryption and is only able to be "unlocked" through the presentation of an authorized fingerprint. Once unlocked, the user has full access to the data, programs and files stored on the ClipBio Pro.

The need for our troops heading off to foreign soil need to keep in contact with their families and friends back home is of grave concern. To do this securely is the function of the ClipBio Pro from ASG.

Since a traditional laptop is not something that every soldier can take with them, our Airmen, Soldiers, Sailors and Marines are using shared computers to send email, create documents and store their correspondence and personal information.

Frequently they use non-secure flash drives or store the information, or store the data on a shared PC. This practice compromises their own and our national security as it allows others to see their personal data. There are also many cases recently discussed in the news where unsecured flash drives with personal or private content on them have been stolen and shared with the enemy.

According to an Associated Press report on April 14, 2006:

"Shopkeepers outside U.S. military headquarters in Afghanistan said that American investigators have paid them thousands of dollars to return stolen computer drives, many of which contained sensitive military data.

But dozens of the memory sticks were still on sale in shops outside the base and the shopkeepers let an Associated Press reporter review about 40 of them on a laptop computer.

Most were blank or did not work, but three contained data that appeared to have come from inside the base, including a soldier's military discharge certificate, troop resumes and photographs of Air Force One during a visit to Afghanistan by President Bush last month."

This is a national security and personal privacy issue that ASG is addressing through the Every Soldier Online Program.

ASG CEO James Childers States: "We believe that every single US Soldier should carry with them a BioCert ClipBio™ Pro 1GB Portable Flash Drive.

We believe it so strongly that we have set up a Every Soldier Online program that is explained through our www.EverySoldierOnline.com website. As a symbol of our dedication to our soldiers and their sacrifices during this time of national crisis, Artemis Solutions Group, iQBio, Inc and other related companies with the help of our team of partners is launching this program dedicated specifically to providing each and every United States soldier with a ClipBio Pro 1GB portable secure flash drive - in some cases FREE of Charge (through a 50% grant discount provided by us and a paid corporate or personal benefactor, direct personal purchase by service personnel, family or friend)

This program is open to all branches of Service in the USA and all members, stationed at home, field deployed, whether active duty or reserve."

At $129.95 plus $9.95 for United States Postal Service Priority Mail shipping the total retail price of each ClipBio Pro is $139.90.

Under the Every Soldier Online Program each ClipBio Pro will cost either the US Service Personnel, their Family, Friends or Their Benefactors only $69.95. I strongly believe that this program will make an important difference for each of our Service Men and Women, their Families and Friends by allowing them to communicate through their secure "computer on a stick" - the BioCert ClipBio Pro.

Service Personnel that wish to purchase their own ClipBio Pro at the Every Soldier Online discount grant price should place their order online and have the product shipped to their station location using the USPS, APO or FPO address.

Requirements - Active Duty Service Personnel from any branch of the US Armed Forces are immediately eligible for a 50% GRANT discount on the purchase price of the ClipBio Pro by ASG. In order to verify eligibility, the product must be shipped to a registered US Airbase, Army Base or Naval Facility or be delivered to a valid APO/FPO address through the US Postal Service. We will also ship these products to any other address required if you provide us with a .gov or .mil email address during the checkout process. You must also state your branch of service as we will keep a running total of products issued to each branch.

ASG encourages friends and family members of Servicemen and Servicewomen to purchase a ClipBio Pro directly through the www.everysoldieronline.com website for an immediate 50% discount to be shipped directly to ANY US Service Personnel using an APO, FPO or registered US Base, Air Base or Naval Facility. These products will ship through the US Postal Service in individual packages directly to the Soldier, Airman, Marine or Sailor.

Service Personnel that either cannot afford or do not wish to purchase a unit directly may fill out the Benefactor Request form and put their name on a waiting list. As ASG receives Individual or Corporate Benefactor Grants through the program, we will fulfill these requests on a first-come, first-served basis.

Anyone can be a "Benefactor" and pay $69.95 towards the purchase of a ClipBio Pro at the 50% discounted price. "If you pay half of the retail price , we will match your Gift with the remaining part of the retail price discounted by us. We will send you the name and branch of service of the Soldier that received your Gift." says Celeste Grannum - Press Coordinator for ASG

Benefactors can make a donation of any amount towards the purchase of a ClipBio Pro for a Service Person on our list of requests by making a gift of any amount to the program by clicking on the PayPal Donation button on the "buy one now" page on the website or sending any amount through PayPal using the link provided on the site.

For those companies, individuals or groups that wish to make a bulk Gift we have a special program. These companies may purchase as many of the ClipBio Pro units they wish at the Gift Discount Price of $69.95 we will send them a receipt for their records and send the purchased ClipBio Pro's directly to a Chaplain in Iraq, Afghanistan, or other foreign theatre of the war on terror to distribute directly to their troops as they see fit.

ASG will distribute these Grants equally unless the organization specifies a particular Chaplain with which their group is working. For Corporate Gifts in excess of 500 pieces, ASG can include your company name silk-screened on the rear of the ClipBio Pro 1GB or include items with the company's message or logo within the package.

Your company, church or group can make a difference in a Soldiers Life...

What software is included under this program?

Each ClipBio Pro will include these FREE Portable Applications that can only be run directly from the secure partition of the ClipBio Pro -

* Secure Encryption Software - AES 128 Bit secured with patented biometric fingerprint technology. No data is visible without expressed authorization.
* Advanced Synchronization Program - iQBioSync included at No Charge
* Secure Web Browsing Software - Portable FireFox
* Secure Email Software - Portable Thunderbird
* Portable Anti-Virus - ClamWin
* Portable Instant Messaging - Miranda IM
* Portable Document Creation - Portable OpenOffice.org
* Portable Media Player - Portable VLC
* Portable Website & HTML Editor - Portable NVU

There are additional needs:

Mr. Childers Continues - "We will encourage each benefactor and direct customer to add a "Necessity Pack" for an additional $15.00 to be distributed to the Service Personnel with the ClipBio Pro. In our charitable efforts with several groups, we have found that these items are in severely short supply and are desperately needed by our men and women on the ground.

We have worked extensively with Chaplains on the ground in Iraq and Afghanistan to provide these personal items through the "Troop Closets" supported by donations and managed by the Chaplains. The troops really appreciate getting these items from home and also appreciate knowing that we care and they are not forgotten.

To date we have issued 5000 of the Soldier Cards and have many reports from the field of their effectiveness on improving morale. We have also sent letters to the troops through this program and other donations that have made a difference including playing cards, books, and other items that can remind them of home.

Whether you agree with the war effort or not, the safety, morale and well-being of our troops should never be an issue. We need to support our sons and daughters no matter what our political ideology or personal agenda - Period."

ASG will pay any additional shipping for these items. Each of these products and the accompanying "necessity packs" will be efficiently shipped through the US Postal Service by Military Postal Mail.

Each "necessity pack" will be available in Male or Female versions that you may choose at checkout during your purchase. Bulk Corporate Gifts and Individual Gifts will also have this same opportunity at a $15.00 per "Pack". These products will be shipped directly with the ClipBio Pro in the same box to the Service Personnel. Any donations of the items listed below would be greatly appreciated and will be used EXCLUSIVELY for this effort.

Each "Necessity Pack" will Contain the following personal items in a re-sealable plastic bag the soldiers can carry with them in their pack - Some of these items are purchased by ASG and some are donated. If you wish to donate items for this project please contact us.

* "You Are Not Forgotten" Soldier Card printed by ASG's subsidiary www.Cardstyle.net
* Toothbrush
* Toothpaste
* Razor 3-Pk
* Gender Appropriate Shaving Cream
* Gender Appropriate Antiperspirant Solid
* Hand Sanitizer (personal size)
* Package of Hard Candies (helps quench thirst in desert heat)
* Package of Gum (same as above)
* Q-Tips
* Pouch of Tissues
* Other items as donations permit - (small books, gifts, letters, etc.)

Each "Necessity Pack" will include the following Gender Specific items:

Additional Component - Male Pack - After Shave Ointment
Additional Component - Female Pack - Travel Size Pack of Feminine Products (Believe it or not, they cannot buy them off the shelf in Afghanistan or Iraq)

Functional, Stylish and Secure, The BioCert® ClipBio™ Pro is one of the most secure, innovative and advanced Personal Secure Portable Storage™ devices on the market. This plug-and-play Secure Portable Storage device may just become the most used accessory you own. Imagine, taking your files with you in an encrypted memory key that can only be opened with your fingerprint. At a value price point of $129.95 , the ClipBio Pro is perfect for Executives, Students, Business Owners, Bankers, Lawyers, Doctors and just about everyone else with a finger.

The BioCert® ClipBio™ Pro from Artemis Solutions Group is about to change the way you secure and travel with information. More information can be found on the web at www.clipbio.com.

ASG (www.atemis-usa.com) markets a range of computer, software and consumer products under its properly registered and owned trademark BioCert® and BioSaf® through a network of domestic and international resellers and extensively on the Internet through their owned and operated websites.

ASG and iQBio, Inc. are NOT authorized non-profit companies. They are a for-profit US Company and are using this program to do something substantive for the troops that shows the level of their commitment through their company's direct philanthropic program.

BioCert® and BioSaf® are registered trademarks of Artemis Solutions Group. iQBio™, iQBioSafe™, iQBioSync™, iQBioDrive™, Secure Portable Storage™ Odyssey™ Software and ClipBio™ are trademarks of Artemis Solutions Group. All other trademarks are the property of their respective owners and companies.

Sunday, June 11, 2006

VA To Recall All Laptops After Data Breach

VA To Recall All Laptops After Data Breach In TechWeb: Security


By Gregg Keizer, TechWeb News


The Secretary of Veterans Affairs (VA) on Thursday told Congress that his agency will take a number of security-related measures, including recalling every laptop in its inventory, to make sure the loss of 26.5 million veteran and active-duty personnel isn't repeated.


In testimony before the House Government Reform Committee Thursday, James Nicholson said that during the week of June 26, all laptops will be returned to the VA for a security review. Additionally, no personal laptops or desktops will be allowed to access the agency's network via VPN (Virtual Private Network) connections.


"VPN settings will be changed every 30 days, forcing laptop users to return the laptop to VA for updating and security screening," Nicholson said in his prepared statement read to the committee. That same week every VA facility -- in Nicholson's words, "every hospital, CBOC, regional office, national cemetery, field office, and VA's Central Office -- will close in a "stand-down" he called "Security Awareness Week." During the week, VA managers and supervisors will "review information security and reinforce privacy obligations and responsibilities with their staff," he added.


The various initiatives are in reaction to the May 3 burglary of a VA data analyst's home in which a laptop and external hard drive containing 26.5 million identities were stolen. Since then, Congress has held several hearings on the data breach, and new information -- including the fact that 80 percent of active-duty military members' data was among that stolen -- has come to light. Nicholson has also done some personnel housecleaning. The data analyst's supervisor, for instance, has stepped down, while another high-level official in the agency has been placed on administrative leave.