Saturday, January 06, 2007

2006 - The Year of Identity Theft and The Portable Data Breach

Over 1/3 of US Populations Private Data Directly Exposed to Identity Theft during 2006. Pandemic of Stupidity Continues.

Congratulations, you may be the current or potential future victim of identity theft without even knowing it - all courtesy of an illegal release of your information by your State, Federal Government agencies or big business, each with a responsibility and a legal mandate to protect your private data. The odds are fairly good that your private data is currently available to anyone who might be looking to use it for fraud, personal profit, or even more dubious actions.

The daily onslaught of media reports regarding the illegal or accidental disclosures of data are reaching pandemic proportions. The word "epidemic" does not even begin to describe the level of stupidity with regard to the warehousing, storage, transport and stewardship of individual private data.

The US Department of State announced on January 1st that the US Population hit the 301 Million mark. The snapshot presented by the report shows that the population of the US is diverse, composed of a high number of immigrants and is younger and more mobile than most other developed nations. The report states that a "Younger population growth keeps the economy and society vital". As these citizens set out to capture their part of the American dream, they will be opening bank accounts, making major purchases, buying cars, homes, getting married and having children. At the same time, they will be providing their private data to numerous companies, government agencies, financial institutions, health care organizations and other entities. Each time they provide this information, their risk of being a victim of an illegal breach of confidentiality increases exponentially.

Media accounts and running tallies for 2006 posted by several privacy organizations put the absolute minimum number of US residents who had their personal data exposed illegally at over 100 million. Of course this is only a small subset of the actual breaches and is only based upon the information that was publicly released. This means at a minimum that one in three American citizens had their personal private data out in the wild and potentially available for illicit use. The real number is quite a bit higher and may never actually be known publicly. If this shocking trend continues, and as the consolidation of data grows a conservative estimate would be that your personal data will invariably be illegally released every 2 years by some entity.

Your private data is everywhere. Your identity is valuable and if it is compromised, the economic, emotional and even physical damage can almost never be reversed.

With every purchase you make online, every major purchase like a home or car, each account you open with a bank, broker or insurance agent, health care agency, doctor, or even when you apply for basic services such as telephone or power you are "required by these providers" to release information such as your name, address, social security number, phone number, date of birth, credit card numbers, spouse and children's names, dates of birth, and other private data that is unique to your identity. Most of this data is collected under the guise of verifying your identity or to fulfill some government mandate or industry guideline to validate their internal procedures. The question is, what happens with this data?

There are several US Government laws that regulate what can and cannot be done with certain types of personally identifiable information. Each of these laws have penalties for breaches of the requirements. The sad truth is that almost none of these laws are enforced even when a very public breach has occurred.

As an example, HIPAA (Health Insurance Portability and Accountability Act), a law that deals with the collection, maintenance and release of individual private health information established both criminal and civil penalties for the unlawful release of patient data. This legislation took effect in April 2003. The Office for Civil Rights (OCR) within the Department of Health and Human Services is charged with investigating and prosecuting complaints. As of March 2006, the OCR has received over 18,000 complaints regarding the unlawful release of individual patient data, they have yet to impose a single civil penalty. As of March 28, 2006, there have been only two criminal convictions under HIPAA. One was a Texas woman Liz Arlene Ramirez who was arrested after agreeing to sell the information of FBI agents to people whom she believed to be a drug trafficker and the other was a man in Seattle caught using patients information to fraudulently obtain credit cards. HIPAA, like most other laws dealing with privacy of financial transactions, banking, or other regulations designed to protect your data is quite literally NEVER enforced.

Most industries have their own regulations when it comes to protecting private data. The credit card industry implemented PCI-DSS (Payment Card Industry - Data Security Standard) in 2004 requiring that companies that collect credit card information during a transaction must protect cardholder data, encrypt cardholder data, restrict cardholder data on a need-to-know basis, restrict physical access to individually identifiable cardholder data and are required to maintain and regularly test their network for security vulnerabilities. In June of 2006, the YMCA in Providence, Rhode Island had an unencrypted laptop computer stolen with the names, social security numbers, credit card and debit card information for 65,000 customers. This data should have never been in that form and on that device in the first place, yet nothing was done, and from the news accounts no one was held accountable. Banks, credit card companies, local and online merchants all have this data. Many of these companies have this data flowing through their organization on unencrypted laptops, hard drives, portable drives, flash drives, CDs and other portable media.

Why are they violating the PCI-DSS? Why are these organizations not fined or punished for their stupidity?

Your data is collected and stored in a database. The data in and of itself is not important, it is what you can do with the data that drives business. A process called "data mining" whereby little pieces of your life are recorded, quantified and analyzed is used to establish trends, habits and predictions about future events or actions.

For instance, if you own a coffee shop and you know that customer X buys an average 6 Drinks a week for the last 3 months, but now they are only consuming 1 or 2, wouldn’t you as a business owner want to know why? Maybe Customer X found a new coffee shop or has changed his patterns based upon a new job, commuting route, lifestyle change, or other event. Maybe the change coincided with a change in staff that didn’t have the same training on making the product in the way the customer was used to.

Likewise, if you managed the local supermarket and knew that your “Club Card” members buy 1000 boxes of a toasty flakes during certain periods of the year and you are forecasting purchasing decisions for products that are perishable you would probably look at the data over time to establish trends and develop a probability scale for the sell-through of an upcoming promotion.

Similarly, health care providers, insurance companies and employers can analyze the usage of drugs to treat disease, alternate treatment options, patient recovery rates, patient satisfaction and other factors to formulate new and streamlined treatment methods, reduce or contain costs.

By analyzing trends in the data and looking at your own business model, you can determine pretty accurately what is going on and make changes to your buying patterns, advertising, promotion, training, product offering or customer service to improve the efficiency and profitability of your operations and retain a loyal customer base. The question becomes what happens when the unintentional or illegal release of the data becomes life threatening or affects National Security?

The torrent of illegal personal data breaches during 2006 include several instances where active duty military personnel's information, SSN, home address, family information, medical information and rank was exposed from every single branch of the US Armed Forces. This information represents a serious threat to our national security in a time of war and a direct and personal physical threat to the families of the serving men and women currently in harms way, yet the response from the offending agencies has been more concerned with helping potential victims of credit fraud and identity theft rather than the safety and security of the families. When we are fighting a global war on terrorism against a ruthless and brutal enemy, we have to assume that then enemy would use these data mining techniques for a much more evil purpose. Why would you fight an armed enemy on the field of combat when you can have a much greater impact of "terror" by targeting their family members in a shopping center parking lot? This is a VERY real and frightening possibility and one that we have to assume is on the enemy's agenda.

Another startling revelation this year was the published reports from TWO separate Airports that the employee database went missing while stored on unencrypted media. The Port of Seattle announced on October 2nd, 2006 that six CDs missing from the ID Badging office at Seattle-Tacoma International Airport hold the personal information of 6,939 airport workers. The data include names, addresses, birth dates, SSNs and driver's license numbers, telephone numbers, employer information, and height/weight. The data on the disks were scanned from paper applications for airport badges. The port learned of the missing disks on September 18 and sent letters to the affected employees on Oct. 2. Again, the agency responded with the typical "we're sorry and if your credit gets messed up we'll help you out" letter.

So what are they doing about it? According to the Port of Seattle Web Site they are: "The Port of Seattle conducted a full investigation of this incident and confirmed that the disks are missing. The Port of Seattle is notifying all those whose information is known to have been included on the missing CDs.", but they are not modifying their policies or procedures to prevent this type of situation from happening in the first place.

The TSA had a similar incident with a missing flash drive at Portland International Airport on October 25th with a similar response. Does anyone care about unauthorized individuals having scanned copies of all of the data they need to forge ID Badges to gain entry to SeaTac and Portland Airports? Isn't anyone thinking about the possible ramifications of these actions? Apparently not.

So, how can you secure YOUR data? iQBio has several industry leading products that can help any person, business or government agency secure and control local or portable data with multi-factor authentication and encryption. Secure the data already... enough is enough.

iQBio Products to Secure Data with Multi-Factor Authentication and Encryption:

PC / Laptop

Client / Server

Portable Data

Thursday, December 07, 2006

MythBusted - Biometric Security and the Myth of the Perfect Security System


With the recent events in the press and the publicity surrounding the "Mythbusters test" regarding the Defeat of a Biometric Security Systems (Again), I felt it was important to discuss the events surrounding these successful attempt to defeat specific biometric products.

For those of you that don't know,
Mythbusters is a television program on the Discovery Channel that features a couple of intrepid Hollywood special effects gurus that "take on" current myths of the day and try to prove or disprove the basis of the myth. I must say that as an avid fan of the MythBusters television show, I was intrigued by the very thought of Biometric Technology being tested by these two.

Over the years there have been several media reports, studies and other documentaries about "The Defeat of Biometrics" and I have some very well known opinions about this premise. You can read an article that I wrote in June of 2002 that discussed the topic of
"Biometrics in the Real World" where I clearly state my opinions on the subject and offer some advise on implementing a Biometric Security System.

These same theories that I espoused over 4 years ago still hold true today and I am happy to say that YES I am glad that Adam Savage and Jamie Hyneman have brought some sense of reality to this industry that has for too long said "my product can't be broken or my biometric system can't be defeated". It's time for sanity to prevail in this argument about security systems and how easy it is or is not to break a biometric system.

There is even an entry in the modern cultural lexicon, Wikipedia discussing this topic. Wikipedia.org is a collectively updated and verified web encyclopedia.

"Recently the television program Mythbusters attempted to break into a commercial security door equipped with biometric authentication as well as a personal laptop so equipped. The results were shocking as they were able to easily defeat the technology with not one, but all of the different techniques they used. The most eye-opening was their quick success with a simple photocopy of a fingerprint. That the technology was so easily undermined strongly suggests that biometrics, in its present form, cannot yet be considered a strong form of authentication. (Wikipedia.org)"OK, now with that out of the way, let's discuss WHY this happened and WHY there is no such thing as a perfect security system.

  • Rule Number One - There is no impervious security system on the planet. There never will be.
  • Rule Number Two - When a vendor tells you that there system is completely unbreakable - they lie. Nothing is unbreakable.
  • When All Else Fails - See Rule Number ONE.

Security System Types (Factors) -

  • Biometric - Biometry Based (Who you are)
  • Password or Pin - Knowledge Based (What you know)
  • Keys or Tokens - Possession Based (What you have)

Biometric Systems -

  • Single Factor Authentication (SFA) - asks the question and grants access based upon "who is this person?". A SINGLE form of authentication is used to grant access based upon IDENTIFICATION.
  • Multi-Factor Authentication (MFA) - asks the question and grants access based upon "is this person whom they claim to be?" By using a statement of user identity (Card, PIN, Password or other token) and then authenticating access based upon VERIFICATION of this identity.

Single Factor Authentication (SFA) is considered weak security no matter what the factor.

Several unscrupulous biometrics vendors (mostly off-shore in origin) are vigorously promoting their single factor systems as unbreakable, live sensing, blah, blah, blah...

There is no system on the planet that cannot be beaten. Passwords can be guessed, tokens can be stolen, and yes Virginia, while there is a Santa Claus, there is no free ride in the security world. Biometrics can be spoofed. Any time you trust something important to a single factor authentication system, the risks should reflect the security level and never use this as your only line of security.

  • Are SFA biometric systems more secure than a password? - most often times yes.
  • Are SFA biometric systems more secure than a key based system that can be readily copied, shared or lost? - Again a resounding YES.
  • Are MFA (VERIFICATION) systems more reliable than SFA (IDENTIFICATION) systems? - ALWAYS.

Biometric Security Systems have firmly taken a solid place in security practices, however they should however NEVER be your ONLY security method if you are protecting highly valuable or sensitive information or facilities. Alarm systems, monitoring and recording systems, biometric systems and good security practices should all go hand-in-hand based upon the level of security required. Remember, your mileage may vary and treat EVERY system as if it were capable of being compromised.

Our premiere access control solution for small business, the Lucky Technology iGuard is a VERIFICATION system.

Our premiere PC access solution, the PCLokR is capable of multi-factor authentication.
Our premiere Enterprise Network authentication solution, the
VeriSoft Access Manager is also a VERIFICATION system capable of multi-factor authentication.

Thank you for your time and consideration.
James ChildersCEO iQBio, Inc.Intelligent Biometric Solutions

If you have any other questions you would like answered here or in our Blogs, please email me at james@iqbio.net with the subject line - "I want to know"...

Wednesday, November 29, 2006

BioCert ClipBio Pro 1GB Flash Drive Featured on CNN


BREAKING NEWS - New York City - November 28, 2006 – CNN PodCast: The ClipBio Pro 1GB was featured during the Show-and-Tell technology show PodCast on CNN. "Maybe you're into secrecy; in which case you need the BioCert ClipBio Pro... It does have one very 'James Bond' element - its got a fingerprint pad and it will not release the information stored on it unless your fingerprint is one of the ones registered. If that's not enough for you, it even encrypts the data that you've got on here... there's a flash drive for everyone." Ali Velshi CNN Correspondent. NOTE: This was filmed at a time when the ClipBio Pro 1GB was priced at $129.95. The price is now $99.95 for the same drive tested and showcased on the PodCast. Link to Video (5MB)

Thursday, October 19, 2006

Air Force, Army, Navy and Marines Deploying with BioCert® Technology.

From securing homeland bases with the BioCert® Guardian™ Fingerprint Door Locks to protecting Soldiers personal and sensitive data with portable BioCert® ClipBio™ Fingerprint Flash Drives, ASG’s BioCert® fingerprint biometric technology is taking an active role in protecting our troops, their families and improving homeland security.

Freeland, WA (PRWEB) September 23, 2006 — The United States Military Central Command is deploying soldiers to Iraq with the latest technology in biometric security to secure their personal and private information. Commanders at CENTCOM are distributing the BioCert® ClipBio™ Pro 1GB fingerprint flash drives to soldiers being deployed to Iraq.

US Air Force, Army, Navy, Marines and other coalition forces are using the ClipBio Pro (www.clipbio.com) to secure their personal communications with their families, personal files, create, store and email documents and to store confidential information all protected with their fingerprints. The BioCert ClipBio Pro is designed to secure up to 1Gigabyte of information with a simple swipe of your finger.

In addition to securing private data, the BioCert ClipBio Pro 1GB Portable Flash Disk can be used as a “complete PC on a stick” - without the additional weight of the PC. The ClipBio Pro comes standard with a suite of portable applications that make it possible for anyone to create, modify, convert to PDF, email and receive documents, pictures and even edit home movies, all with a swipe of their finger using any public PC. When the ClipBio is removed, no trace of the data is left on the host PC.

“Unlike previous generations, today’s soldiers have the ability to communicate from the field via the Internet with their families through the use of email, video email and other high tech methods on a regular basis. In years past, these messages from loved ones in the battlefield used to take months to get from a combat zone to the recipient. Now they take nano-seconds. Computers have changed the way we fight the battle, but also how we communcate with our loved ones at home. How can a soldier justify carrying a laptop with them into the field along with all of the other life-saving equipment they need to carry? Do they make a choice between life-saving devices such as flame retardant foundation garments to protect them from IED’s, breathable honeycomb “cooling vests” that are worn under their body armor to make the desert heat bearable, elbow and knee pads, gloves, a video camera, a notebook, - or - a 10 pound laptop? Now our brave men and women don’t have to make that choice. Todays soldier can carry everything they need to do everything they would normally do with a PC, all in under 2 ounces - in the palm of their hand for under a hundred dollars. Members of every branch of service are carrying their ClipBio Pro with them in the field.” claims James Childers - CEO of Artemis Solutions Group, (www.artemis-usa.com) makers of the BioCert ClipBio Pro Flash Drives.

Unit Commanders routinely authorize “open” computers for shared use by soldiers within their command. These computers are used on a rotating basis by soldiers not only to prepare, send and receive email with their loved ones, but also to conduct other personal business such as balancing the checkbook, budgeting, checking or repairing their credit report, online banking and all of the other activities that they would perform on their PC at home. The question has always been how do you keep your data safe from prying eyes? The answer is the $99 BioCert ClipBio Pro 1GB with Secure Biometric Encryption.

Just a few months ago news outlets reported that the US Military was paying Afghan shopkeepers thousands of dollars to recover unsecure flash drives that were stolen from Bagram Air Force Base and offered for sale in the local markets. These drives contained such sensitive information as “data that appeared to have come from inside the base, including a soldier's military discharge certificate, troop resumes and photographs of Air Force One during a visit to Afghanistan by President Bush”. According to news reports, some even included detailed diagrams of the base, duty rosters, and even names of Afghan spies working with the US against the Taliban.

Unfortunately this breach of security is not uncommon with insecure flash drives. So far this year, media reports have disclosed over 148 descrete events involving insecure portable data potentially exposing the private data over 33 million US Citizens (or over 11% of the US Population and EVERY single man and woman serving in our armed forces). “The Identity Theft Resource Center, a non-profit organization http://www.idtheftcenter.org keeps track of this wave of stupidity that is sweeping the country. With almost daily updates to the list they highlight the “reported” incidents and offer victims assistance through their many programs. Many incidents go sadly - unreported. Don’t be a victim. Take a pro-active stance to protect your data. A cheap insecure flash drive can cost you thousands of dollars worth of direct and consequential losses, not to mention a huge financial or criminal liability if you lose other individuals data.” continues Childers.

The ClipBio Pro solves this issue by protecting the private partition of the drive with AES Encrypted Security incorporating your fingerprint as the key.

Controlling access within a facility is another daunting task for government security professionals. ASG’s BioCert technology is leading the way with stand-alone fingerprint door locks to secure Information Technology assets within Naval and Air Force facilities. Securing an Server Room or Network Closet is as simple as replacing the existing lockset (with very minor modification to the door) with the BioCert® Guardian™ XL door lock (www.iqbio.com). The Guardian XL is a unique stand-alone security solution in that it requires no additional wiring, has built-in administrative management for 30 or 99 users and can be installed at any facility within a matter of minutes. Perfectly suited for “secondary echelon” security, the Guardian XL is designed to work inside the outer ring of high security facilities on doors that just need to authorize simple access. As a stand-alone solution, the Guardian XL Fingerprint Door Lock is easy to manage, simple to deploy and has both a PIN code and Secure Key overide.

ASG (www.artemis-usa.com) is a closely held, private security firm specializing in fingerprint biometric and smart card security solutions. With offices in the US, EU, and Canada, ASG sells directly and through its global network of resellers and system integrators best of breed biometric and smart card security systems to small & medium business and local government agencies throughout the world. ASG’s related company iQBio (www.iqbio.com) is tasked with design, supplier relations, manufacture and OEM manufacturing oversight and global sourcing, distribution and logistics of its solutions.

Friday, August 18, 2006

How to Pack Your Laptop for a Business Trip - What if I have to Check my Luggage?

One of the most daunting aspects of the fall-out from the bomb threat at Heathrow Airport and the resulting security changes is that people may no longer be allowed to carry ANY liquids, cosmetics and personal electronics with them on Airplanes. Forgetting about the minor inconvenience of having to go shopping for toiletries when you arrive at your destination or stuff them into your “checked baggage” before you leave... what about your Laptop? What about the Data?

Airlines and the facilities that support them aren’t exactly known as a bastion of security when it comes to keeping your checked baggage or its contents from theft or misplacement by underpaid and overworked employees. While the incidents of lost or damaged general luggage have been declining, there is still a substantial risk of loss where valuable goods are involved. Most often your laptop contains the full depth and breadth of information that you need for a meeting with a customer, supplier or demonstration for a trade show and represents your ability to close the sale.

Why would you put your most critical asset at risk by having it roll through the airports conveyor and sorting system along with skis, golf clubs, boxes, mail and other luggage and then finally have a 300 pound gorilla drag it out to the tarmac and throw it in the belly of your airplane?

Now you don’t have to worry about losing your data or having it show up in an airport luggage counter thousands of miles away the day of your big presentation - carry the BioCert® ClipBio™ Pro or iQBioDrive™.

Each is a viable alternative to losing your most valuable asset on the day of your big presentation. I am not recommending that you do not take your laptop with you on a business trip, but the reality of the world is that you may lose your most valuable asset in a tragic luggage accident or a malicious theft when an airline or TSA employee making $9.00 per hour decides he can supplement his income by pawning your $2000 laptop. Even worse, ALL airlines specifically say that they will NOT pay for damaged or stolen computers or other “fragile items” in checked baggage, yet the TSA may REQUIRE you to check these items. This is a serious dichotomy and represents a substantial liability for business travellers.

There is an option:

Make a backup of the critical data on the BioCert® ClipBio™ Pro or iQBioDrive™ and carry it with you on the plane in your pocket or send it by courier.

  • The BioCert® ClipBio™ Pro can store up to 1GB of files secured with a swipe of your fingerprint.
  • iQBioSync™ Software included with the ClipBio Pro actually can synchronize your email, files and folders so you can carry the critical data with you.
  • The included “Portable Application Suite” allows you to create, modify, and save presentations, letters, and other documents and even create and email PDF files securely from the ClipBio Pro or iQBioDrive.
  • If the meeting is a critical meeting, synchronize multiple copies of the files and send one by FedEx or UPS to the hotel or destination.

    • Even if the ClipBio Pro or iQBioDrive is intercepted by a third party or lost it is secured by your fingerprint and cannot be used.
    • The ClipBio Pro at $99.95 is somewhat disposable and is perfectly suited for this type of application.
How important is your data? You do have to assume that when you put your most valuable portable business asset in the belly of the aircraft you may never see it again. This is only prudent planning and good business. Can you afford NOT to buy aBioCert® ClipBio™ Pro or iQBioDrive™? Starting at $99.95 each seems like cheap insurance.

Friday, July 14, 2006

The Latest Mea Culpa from the Veterans Affairs Office


As if losing the information for 26.5 MILLION US “Veterans” wasn’t enough - The VA is slowly and eventually explaining how and why this breach happened...well sort of.


Secretary Nicholson announced that the data had been stolen on May 22, 2006, but neglected to tell the American public that they learned of the breach happened a full thirteen days before the public announcement. He also left out some other crucial details as we will see later in this blog.


When the public outrage exceeded their expectations, the VA initiated their own investigating while having the audacity to highlight their “Innovations in American Government Award” for their model system of electronic health records. Talk about hutspa! To simultaineously promote the same electronic medical record system that lead to the violation of millions of Veterans and their families as a model of efficiency resulting in high patient satisfaction is a disgrace to those that got the short end of the stick when it comes to the VA’s data security system.


The first official response from the VA was to post a “We’re Sorry” page on their website titled - “Veterans Affairs data security issue” with a simple announcement:


    The Department of Veterans Affairs (VA) has recently learned that an employee, a data analyst, took home electronic data from the VA, which he was not authorized to do. This behavior was in violation of our policies. This data contained identifying information including names, social security numbers, and dates of birth for up to 26.5 million veterans and some spouses, as well as some disability ratings. Importantly, the affected data did not include any of VA's electronic health records nor any financial information. The employee's home was burglarized and this data was stolen. The employee has been placed on administrative leave pending the outcome of an investigation. Still being paid, but on “Administrative Leave”.

    The Secretary of Veterans Affairs R. James Nicholson has briefed the Attorney General and the Chairman of the Federal Trade Commission, co-chairs of the President's Identity Theft Task Force. Task Force members have already taken actions to protect the affected veterans, including working with the credit bureaus to help ensure that veterans receive the free credit report they are entitled to under the law. Additionally, the Task Force will meet today, 22 May 2006, to coordinate the comprehensive Federal response, recommend further ways to protect affected veterans, and increase safeguards to prevent the reoccurrence of such incidents.

The first response was to protect Credit Reports and offer free credit monitoring? Shouldn’t they be worried about National Security and the lives of our serving men and women or their families? Hold on - the rabbit hole gets deeper...


This is an excerpt from the first letter that was sent to the US Veterans by the VA -


Dear Veteran:



The Department of Veterans Affairs (VA) has recently learned that an employee took home electronic data from the VA, which he was not authorized to do and was in violation of established policies. The employee’s home was burglarized and this data was stolen. The data contained identifying information including names, social security numbers, and dates of birth for up to 26.5 million veterans and some spouses, as well as some disability ratings. As a result of this incident, information identifiable with you was potentially exposed to others. It is important to note that the affected data did not include any of VA’s electronic health records or any financial information.


With the above information, I could find out everything there is to know about you including what you had for lunch yesterday. Credit card records, banking, brokerage accounts, home loans, everything is tied to three primary national credit reporting databases that are relatively easily accessible.


The VA set up a hotline for affected Veterans, Servicemen and their SPOUSES to call and get more information on the breach and how to protect their credit. Protecting their credit should be the least of their worries. Read on and you’ll see why.


On June 3, 2006, the VA had this to say -


(The) VA has learned through its ongoing analysis of the data stolen on up to 26.5 million individuals, and in discussions with the Department of Defense, that private information – the names, Social Security Numbers and dates of birth – on certain National Guard and Reserve personnel who are on at least their second federalized active duty call-up could potentially be included. The number of those potentially affected is believed to be between 10,000 and 20,000.


Additionally, private information – the names, Social Security Numbers and dates of birth – on some active duty U.S. Navy personnel may be involved. This could potentially include members of the U.S. Navy who remain on active duty and completed their first enlistment term prior to 1991. Working with the Department of Defense, VA has determined this group likely consists of between 25,000 and 30,000 individuals.


We found out later that not only was prior Veterans information included, but current service members information was also included in the data on an unsecured drive. But wait - the story gets even more interesting ...the numbers just don’t add up!



Imagine the horror of having identifying information including names, addresses social security numbers, and dates of birth and even disability and medical information of every single soldier and veteran in the hands of Al Qaeda. Why fight an war in Iraq or Afghanistan against an armed foe when you have access to their unarmed families here in the USA and can pick them off at will with a sniper in the shopping center parking lot?


On June 6th, the VA released another “Gem” by way of a website release - “Secretary of Veterans Affairs R. James Nicholson today announced that data stolen on 26.5 million individuals included information on more active-duty military personnel than initial findings indicated.”



VA announced over the weekend that information on some active-duty personnel were among the data stolen on up to 26.5 million individuals. Initial findings from VA and the Department of Defense indicated the personal information on approximately 50,000 active duty, National Guard and Reserve personnel may have been involved.


As the two agencies compared electronic files, VA and DoD learned that personal information on as many as 1.1 million military members on active duty, 430,000 members of the National Guard, and 645,000 members of the Reserves may have been included in the data theft.


This information is pulled from the VA’s own website. They proudly state:


On July 21, 2005, VA celebrated its 75th Anniversary. It had grown from the Veterans Administration with an operating budget of $786 million serving 4.6 million veterans in 1930 to the Department of Veterans Affairs with a budget of $63.5 billion serving nearly 25 million veterans today.

According to Pentagon numbers there are approximately 1.5 Million troops currently serving in the armed forces. If we take both numbers and add them together we come up with - - - 26.5 MILLION, which just happens to be the magic number of the records that were on the disk.


This means that the personal information of potentially EVERY SINGLE Veteran AND current Active Duty military members was exposed to a security breach and potential public distribution, even to our enemies through purchase on the “very real and readily available” illicit market of personal data.


There has been enough fertilizer in the responses from the leadership at the VA to cover the lawns of all 26.5 million victims. And they are still covering up and minimizing the potential damage to every American Citizen and our communities.


Imagine the horror of having identifying information including names, addresses, social security numbers, and dates of birth and even disability and medical information of every single soldier and veteran in the hands of Al Qaeda. Why fight an war in Iraq or Afghanistan against an armed foe when you have access to their unarmed families here in the USA and can pick them off at will in the shopping center parking lot? Do not be complacent enough to think that our enemies have not thought about this as a tactic and the fact that the US Government didn’t even think about warning the families or Veterans about this probable outcome of the data breach is unforgiveable.


Every single American citizen and especially the military community should be screaming at the top of their lungs and mad as hell over this blatant stupidity and complete disregard for the law, our soldiers and their families safety and the internal data security. Now the FBI has announced that they have recovered the laptop and that it has a “high degree of confidence” that the sensitive files were not accessed or compromised. Somehow I don’t have a “high degree of confidence” in their findings. I do have however a “high degree of confidence” that they want to sweep this under the rug as quickly as possible.


The new slogan of the US Government Portal Site is “Expect More” and from the above outline, it seems they are delivering on that promise - more information every day - more obfuscation, deceit, cover-ups and comprimizing of our National Security!


Heads should roll at the VA, Pentagon and every other agency involved with this national disgrace.



In another program of self-congratulations and incestuous gladhanding, a new government initiative that rates government agencies even rated the Department of Veterans Affairs as PERFORMING MODERATELY EFFECTIVELY.


“A program rated Moderately Effective has set ambitious goals and is well-managed.”

Well Managed? Moderately Effective? Yeah, Right.


Laptop Computer - $1500.00, External Hard Drive - $300.00, Total Budget - $63.5 Billion, One Data Analyst putting ALL of our Soldiers, Veterans and their Families at risk with blatant stupidity - Priceless!

Wednesday, June 28, 2006

It’s 10:00PM, Do you Know What Your Data is Doing?

Your Data - Your Choice - Your Security


There is almost not a day that goes by that we don’t hear about a Government Agency, Corporation or other entity losing a device with private data. Most, if not all of this data is confidential and should never be on a non-encrypted or non-secure portable disk, however this is the world in which we live. Data Analysts need to take their work home. Business Managers need customer and sales data for planning, forecasting and business modeling. Even on a personal level, we often need to transport files from PC to PC or synchronize data amongst mutliple platforms - laptop, desktop, etc.


Your data is valuable. Your data is in demand. Your private data is everywhere.


From the purchases you made using the “Club Card” at the local supermarket to the last oil change you had done at the SuperCenter, the plane ticket you bought online, and even the last pizza you ordered from the national chain. little pieces of your life are recorded, quantified and analyzed. It’s a process called “Data Mining”. Data Mining is used to establish probability grids and forecasting future events based upon known factors and analyzing trends within the data.


For instance, if you own a coffee shop and you know that customer X buys an average 6 Drinks a week for the last 3 months, but now they are only consuming 1 or 2, wouldn’t you as a business owner want to know why? Maybe Customer X found a new coffee shop or has changed his patterns based upon a new job, commuting route, lifestyle change, or other event. Maybe the change co-incided with a change in staff that didn’t have the same training on making the product in the way the customer was used to.


Likewise, if you managed the local supermarket and knew that your “Club Card” members buy 1000 boxes of a toasty flakes during certain periods of the year and you are forecasting purchasing decisions for products that are perishable you would probably look at the data over time to establish trends and develop a probability scale for the sell-through of an upcoming promotion.


Similarly, health care providers, insurance companies and employers can analyze the usage of drugs to treat disease, alternate treatment options, patient recovery rates, patient satisfaction and other factors to formulate new and streamlined treatment methods, reduce or contain costs.


By anayzing trends in the data and looking at your own business model, you can determine pretty accurately what is going on and make changes to your buying patterns, advertising, promotion, training, product offering or customer service to improve the efficiency and profitability of your operations and retain a loyal customer base.


There are several basic kinds of data and for the purposes of this article we will only touch on a few - Personal, Empirical, Aggregate and Summary Data. Each has its own value both to the person that gives up the data and the person that is using the data.


The most valuable one for all parties is Personal Data. This includes information such as your name, address, credit card, ID number, email address, medical records, receipts, bills, income, expenses, spending habits and other uniquely identifiable data. Personal Data is highly prized by commercial and government eliments because it can be used to increase profitability, streamline operations, quantify habits, establish patterns and make unique predictions about individuals and how they live. With this information you can specifically market to an individual or group and offer a product or program that meets a specific need. The Criminal element loves this data too because it is rich with personally identifiable information and can be used to open fraudulent bank accounts, credit card accounts or use the data in other ways in Idenity Theft schemes.


The second type of data is Empirical Data - this is data that is gained through observation or recording of events without personal involvement of the individual in providing the data. An example of this would be sitting outside of a competitors store and counting the number of individuals entering or leaving with purchases over time or viewing other events as they occur and recording the results.


Combining Personal and/or Empirical Data in a group (or Data Set) we get Aggregate Data or Summary Data. Aggregate Data is simply ALL of the data generally segmented by individuals or groups whereas summary data is generally only a small subset or group of the data rolled-up into summarized form. Aggregate Data is used by data miners to search for specific anomolies within trends, changes in specific groups patterns, quantifying individual customer value, or other data that requires the entire data set to model against. Summary Data is generally only a small subset of the aggregate and is used for planning, simple modeling and other general research.




No matter what business you are in, it is all about the Data. Your Data. Exactly how much of this data you are willing to give is up to you, but some, if not most of it can be gleaned through empirical means and recorded or worse yet, purchased from Data Mining Companies without your expressed consent or knowledge.


Some privacy advocates decry this as an Orwellian threat, however there are some things that you can do to protect yourself and there are substanial laws already on the books and financial industry guidelines to protect individual data.


Government regulations including HIPAA (Health Insurance Portability and Accountability Act) and other Federal, State and Local laws regulate the secure access to ANY individually identifiable data held by Healthcare Professionals, Employers, Banks, Financial Institutions, Brokerage Houses, and just about every other type of entity that stores or uses this data. There are heavy financial penalties and JAIL time involved for breaches of these offenses (or so we are told). Yet NO ONE is holding any person or organization accountable for their rampant stupidity, ignorance of the laws and incompetence.


Visa for example has had the CISP (Cardholder Information Security Program) since June of 2001 that requires that merchants:



  • Build and Maintain a Secure Network

  • Protect Cardholder Data (Including Transmission and Storage Encryption)

  • Maintain a Vulnerability Management Program (Test their networks for intrusion)

  • Implement Strong Access Control Measures (Including Restricing Physical Access To Cardholder Data)

  • Maintain an Information Storage Policy that complies with secure storage and access to customer data.

Newer and more stringent guidelines from Visa and other card processing companies include that NO individually identifiable card numbers are left on unencrypted systems and that individually identifiable data is protected from breaches in security.


So when Hotels.com lost the customer and credit card information for customers that purchased through their website from 2002, 2003, 2004 and 2005 that was stored and left in an automobile on a laptop with a non-encrypted hard drive by an Ernst & Young employee, it was in clear violation of their agreement with Visa. It also was a clear violation of the law. At the very least the data should have been encrypted and protected by strong password security, but evidently it wasn’t.


Again, when Marriott lost the same type of data in January 2006 from customers of its time-share division, they simply gave customers a phone number and web address to “find out more information”. Worse yet, IBM lost an un-encrypted hard drive with the personal data including BANK ACCOUNT information of 180,000 of their clients. Yet no one is holding these companies accountable for serious breaches in security, lapses in judgement and just downright stupidity with regard to their stewardship of client data. Here are a few more Gems from just the last few months:



Enough Already - SECURE YOUR DATA. Secure your Customers Data. This stuff is out there, it is valuable. The devices are disposable but the data isn’t.


Today, iQBio, Inc. is announcing the latest in our secure storage series of products that incorporates AES Encryption and Fingerprint Recognition to secure Portable Data. Introducing the iQBioDrive - a 100GB external hard drive that encrypts and secures your data using your fingerprint. Read about this product and don’t take chances with your data.



Monday, June 26, 2006

Another Data Breach - The madness continues...

U.S. Navy: Data Breach Affects 28,000

Five spreadsheet files with personal data on approximately 28,000 sailors and family members were found on an open Web site, the U.S. Navy announced June 23.

The personal data included the name, birth date and social security number on several Navy members and dependents. The Navy said it was notified on June 22 of the breach and is working to identify and notify the individuals affected."There is no evidence that any of the data has been used illegally. However, individuals are encouraged to carefully monitor their bank accounts, credit card accounts and other financial transactions," the Navy said in a statement.

It said individuals affected by the breach will be contacted soon to ensure they have information on how to guard against identity theft. Information on how to watch for suspicious activity on personal accounts has been posted on the NPC (Navy Personnel Command) Web site.

The files have been removed from the site, and Navy's chief of personnel is working with the law enforcement to determine how and when the files were placed on the Web and prevent future release of information of this type, the statement said.

The U.S. Navy becomes the third government department to confirm data loss through computer theft or server compromise. Earlier this week, the Agriculture department said about 26,000 of its employees and contractors could be at risk of identity theft after a hacker broke into its computer system.

A laptop stolen from a government employee in Maryland in May also exposed personal data on about 26.5 million veterans and current military troops.

Source - Ryan Naraine www.eweek.com

Wednesday, June 14, 2006

The security of our troops, the integrity of their personal data and the ability to communicate with their family and friends in a a secure manner is the purpose of the Every Soldier Online Program. ASG's ClipBio™ Pro has everything that a Soldier needs to create, store, send and receive documents, emails, and other correspondence using ANY public computer without leaving a trace of their documents on the host PC - and all secured on their ClipBio™ Pro with their fingerprint.

Freeland, WA (PRWEB) June 15, 2006 -- The Every Soldier Online (www.everysoldieronline.com) initiative is designed to provide all US Service Men and Women with a BioCert® ClipBio™ Pro 1GB Portable Flash Drive for their personal use while overseas at a dramatically discounted price.

Artemis Solutions Group (ASG) and iQBio, Inc. Announce the Every Soldier Online Program to Benefit Troops and Their Families Using the ClipBio™ Pro Portable Flash Drive
"We believe that every single US Soldier should carry with them a BioCert ClipBio™ Pro 1GB Portable Flash Drive.
clipbioproSMWEB.jpg

The ClipBio™ Pro is a fingerprint secure flash memory disk that an enrolled user can take directly to ANY PC and use their personal email, pictures, files, folders and other items stored on the flash drive without carrying a bulky computer or laptop or in having their personal security violated by the loss of the ClipBio Pro.

Each ClipBio Pro is protected by 128Bit AES encryption and is only able to be "unlocked" through the presentation of an authorized fingerprint. Once unlocked, the user has full access to the data, programs and files stored on the ClipBio Pro.

The need for our troops heading off to foreign soil need to keep in contact with their families and friends back home is of grave concern. To do this securely is the function of the ClipBio Pro from ASG.

Since a traditional laptop is not something that every soldier can take with them, our Airmen, Soldiers, Sailors and Marines are using shared computers to send email, create documents and store their correspondence and personal information.

Frequently they use non-secure flash drives or store the information, or store the data on a shared PC. This practice compromises their own and our national security as it allows others to see their personal data. There are also many cases recently discussed in the news where unsecured flash drives with personal or private content on them have been stolen and shared with the enemy.

According to an Associated Press report on April 14, 2006:

"Shopkeepers outside U.S. military headquarters in Afghanistan said that American investigators have paid them thousands of dollars to return stolen computer drives, many of which contained sensitive military data.

But dozens of the memory sticks were still on sale in shops outside the base and the shopkeepers let an Associated Press reporter review about 40 of them on a laptop computer.

Most were blank or did not work, but three contained data that appeared to have come from inside the base, including a soldier's military discharge certificate, troop resumes and photographs of Air Force One during a visit to Afghanistan by President Bush last month."

This is a national security and personal privacy issue that ASG is addressing through the Every Soldier Online Program.

ASG CEO James Childers States: "We believe that every single US Soldier should carry with them a BioCert ClipBio™ Pro 1GB Portable Flash Drive.

We believe it so strongly that we have set up a Every Soldier Online program that is explained through our www.EverySoldierOnline.com website. As a symbol of our dedication to our soldiers and their sacrifices during this time of national crisis, Artemis Solutions Group, iQBio, Inc and other related companies with the help of our team of partners is launching this program dedicated specifically to providing each and every United States soldier with a ClipBio Pro 1GB portable secure flash drive - in some cases FREE of Charge (through a 50% grant discount provided by us and a paid corporate or personal benefactor, direct personal purchase by service personnel, family or friend)

This program is open to all branches of Service in the USA and all members, stationed at home, field deployed, whether active duty or reserve."

At $129.95 plus $9.95 for United States Postal Service Priority Mail shipping the total retail price of each ClipBio Pro is $139.90.

Under the Every Soldier Online Program each ClipBio Pro will cost either the US Service Personnel, their Family, Friends or Their Benefactors only $69.95. I strongly believe that this program will make an important difference for each of our Service Men and Women, their Families and Friends by allowing them to communicate through their secure "computer on a stick" - the BioCert ClipBio Pro.

Service Personnel that wish to purchase their own ClipBio Pro at the Every Soldier Online discount grant price should place their order online and have the product shipped to their station location using the USPS, APO or FPO address.

Requirements - Active Duty Service Personnel from any branch of the US Armed Forces are immediately eligible for a 50% GRANT discount on the purchase price of the ClipBio Pro by ASG. In order to verify eligibility, the product must be shipped to a registered US Airbase, Army Base or Naval Facility or be delivered to a valid APO/FPO address through the US Postal Service. We will also ship these products to any other address required if you provide us with a .gov or .mil email address during the checkout process. You must also state your branch of service as we will keep a running total of products issued to each branch.

ASG encourages friends and family members of Servicemen and Servicewomen to purchase a ClipBio Pro directly through the www.everysoldieronline.com website for an immediate 50% discount to be shipped directly to ANY US Service Personnel using an APO, FPO or registered US Base, Air Base or Naval Facility. These products will ship through the US Postal Service in individual packages directly to the Soldier, Airman, Marine or Sailor.

Service Personnel that either cannot afford or do not wish to purchase a unit directly may fill out the Benefactor Request form and put their name on a waiting list. As ASG receives Individual or Corporate Benefactor Grants through the program, we will fulfill these requests on a first-come, first-served basis.

Anyone can be a "Benefactor" and pay $69.95 towards the purchase of a ClipBio Pro at the 50% discounted price. "If you pay half of the retail price , we will match your Gift with the remaining part of the retail price discounted by us. We will send you the name and branch of service of the Soldier that received your Gift." says Celeste Grannum - Press Coordinator for ASG

Benefactors can make a donation of any amount towards the purchase of a ClipBio Pro for a Service Person on our list of requests by making a gift of any amount to the program by clicking on the PayPal Donation button on the "buy one now" page on the website or sending any amount through PayPal using the link provided on the site.

For those companies, individuals or groups that wish to make a bulk Gift we have a special program. These companies may purchase as many of the ClipBio Pro units they wish at the Gift Discount Price of $69.95 we will send them a receipt for their records and send the purchased ClipBio Pro's directly to a Chaplain in Iraq, Afghanistan, or other foreign theatre of the war on terror to distribute directly to their troops as they see fit.

ASG will distribute these Grants equally unless the organization specifies a particular Chaplain with which their group is working. For Corporate Gifts in excess of 500 pieces, ASG can include your company name silk-screened on the rear of the ClipBio Pro 1GB or include items with the company's message or logo within the package.

Your company, church or group can make a difference in a Soldiers Life...

What software is included under this program?

Each ClipBio Pro will include these FREE Portable Applications that can only be run directly from the secure partition of the ClipBio Pro -

* Secure Encryption Software - AES 128 Bit secured with patented biometric fingerprint technology. No data is visible without expressed authorization.
* Advanced Synchronization Program - iQBioSync included at No Charge
* Secure Web Browsing Software - Portable FireFox
* Secure Email Software - Portable Thunderbird
* Portable Anti-Virus - ClamWin
* Portable Instant Messaging - Miranda IM
* Portable Document Creation - Portable OpenOffice.org
* Portable Media Player - Portable VLC
* Portable Website & HTML Editor - Portable NVU

There are additional needs:

Mr. Childers Continues - "We will encourage each benefactor and direct customer to add a "Necessity Pack" for an additional $15.00 to be distributed to the Service Personnel with the ClipBio Pro. In our charitable efforts with several groups, we have found that these items are in severely short supply and are desperately needed by our men and women on the ground.

We have worked extensively with Chaplains on the ground in Iraq and Afghanistan to provide these personal items through the "Troop Closets" supported by donations and managed by the Chaplains. The troops really appreciate getting these items from home and also appreciate knowing that we care and they are not forgotten.

To date we have issued 5000 of the Soldier Cards and have many reports from the field of their effectiveness on improving morale. We have also sent letters to the troops through this program and other donations that have made a difference including playing cards, books, and other items that can remind them of home.

Whether you agree with the war effort or not, the safety, morale and well-being of our troops should never be an issue. We need to support our sons and daughters no matter what our political ideology or personal agenda - Period."

ASG will pay any additional shipping for these items. Each of these products and the accompanying "necessity packs" will be efficiently shipped through the US Postal Service by Military Postal Mail.

Each "necessity pack" will be available in Male or Female versions that you may choose at checkout during your purchase. Bulk Corporate Gifts and Individual Gifts will also have this same opportunity at a $15.00 per "Pack". These products will be shipped directly with the ClipBio Pro in the same box to the Service Personnel. Any donations of the items listed below would be greatly appreciated and will be used EXCLUSIVELY for this effort.

Each "Necessity Pack" will Contain the following personal items in a re-sealable plastic bag the soldiers can carry with them in their pack - Some of these items are purchased by ASG and some are donated. If you wish to donate items for this project please contact us.

* "You Are Not Forgotten" Soldier Card printed by ASG's subsidiary www.Cardstyle.net
* Toothbrush
* Toothpaste
* Razor 3-Pk
* Gender Appropriate Shaving Cream
* Gender Appropriate Antiperspirant Solid
* Hand Sanitizer (personal size)
* Package of Hard Candies (helps quench thirst in desert heat)
* Package of Gum (same as above)
* Q-Tips
* Pouch of Tissues
* Other items as donations permit - (small books, gifts, letters, etc.)

Each "Necessity Pack" will include the following Gender Specific items:

Additional Component - Male Pack - After Shave Ointment
Additional Component - Female Pack - Travel Size Pack of Feminine Products (Believe it or not, they cannot buy them off the shelf in Afghanistan or Iraq)

Functional, Stylish and Secure, The BioCert® ClipBio™ Pro is one of the most secure, innovative and advanced Personal Secure Portable Storage™ devices on the market. This plug-and-play Secure Portable Storage device may just become the most used accessory you own. Imagine, taking your files with you in an encrypted memory key that can only be opened with your fingerprint. At a value price point of $129.95 , the ClipBio Pro is perfect for Executives, Students, Business Owners, Bankers, Lawyers, Doctors and just about everyone else with a finger.

The BioCert® ClipBio™ Pro from Artemis Solutions Group is about to change the way you secure and travel with information. More information can be found on the web at www.clipbio.com.

ASG (www.atemis-usa.com) markets a range of computer, software and consumer products under its properly registered and owned trademark BioCert® and BioSaf® through a network of domestic and international resellers and extensively on the Internet through their owned and operated websites.

ASG and iQBio, Inc. are NOT authorized non-profit companies. They are a for-profit US Company and are using this program to do something substantive for the troops that shows the level of their commitment through their company's direct philanthropic program.

BioCert® and BioSaf® are registered trademarks of Artemis Solutions Group. iQBio™, iQBioSafe™, iQBioSync™, iQBioDrive™, Secure Portable Storage™ Odyssey™ Software and ClipBio™ are trademarks of Artemis Solutions Group. All other trademarks are the property of their respective owners and companies.

Sunday, June 11, 2006

VA To Recall All Laptops After Data Breach

VA To Recall All Laptops After Data Breach In TechWeb: Security


By Gregg Keizer, TechWeb News


The Secretary of Veterans Affairs (VA) on Thursday told Congress that his agency will take a number of security-related measures, including recalling every laptop in its inventory, to make sure the loss of 26.5 million veteran and active-duty personnel isn't repeated.


In testimony before the House Government Reform Committee Thursday, James Nicholson said that during the week of June 26, all laptops will be returned to the VA for a security review. Additionally, no personal laptops or desktops will be allowed to access the agency's network via VPN (Virtual Private Network) connections.


"VPN settings will be changed every 30 days, forcing laptop users to return the laptop to VA for updating and security screening," Nicholson said in his prepared statement read to the committee. That same week every VA facility -- in Nicholson's words, "every hospital, CBOC, regional office, national cemetery, field office, and VA's Central Office -- will close in a "stand-down" he called "Security Awareness Week." During the week, VA managers and supervisors will "review information security and reinforce privacy obligations and responsibilities with their staff," he added.


The various initiatives are in reaction to the May 3 burglary of a VA data analyst's home in which a laptop and external hard drive containing 26.5 million identities were stolen. Since then, Congress has held several hearings on the data breach, and new information -- including the fact that 80 percent of active-duty military members' data was among that stolen -- has come to light. Nicholson has also done some personnel housecleaning. The data analyst's supervisor, for instance, has stepped down, while another high-level official in the agency has been placed on administrative leave.


Friday, May 26, 2006

Secure Portable Storage™ ClipBio™ Pro

How Secure is Your Portable Data? The BioCert® ClipBio™ Pro Fingerprint Biometric Flash Drive Secures Portable Data With a Touch of Your Fingerprint

Download this press release as an Adobe PDF document.

Artemis Solutions Group announced today the immediate availability of their latest innovative product under the BioCert® product line the BioCert® ClipBio™ Pro 1GB Secure Fingerprint Flash Drive.

Freeland, WA (PRWEB) May 26, 2006 -- Artemis Solutions Group announced today the immediate availability of their latest innovative product under the BioCert® product line the BioCert® ClipBio™ Pro 1GB Secure Fingerprint Flash Drive.




Advertisement
Access Your PC from Anywhere
The BioCert® ClipBio™ Pro 1GB biometric flash drive provides consumers with the latest in biometric technology to secure data, while allowing the user to securely control access to their private data with a touch of their fingerprint. The previous version of the ClipBio was featured in Forbes Magazine article "How to Travel Like a Billionaire 2006" at a price of $229.95.

The newly redesigned ClipBio Pro with 1GB of storage is attractively priced at nearly half the price of the previous model now only $129.95 through the companies website at

www.clipbio.com.

The most conservative estimates by Gartner® Dataquest puts the total unit volumes of USB Flash drives sold in 2005 at 84 Million pieces. But out of those sold how many are truly secure?

Developed in conjunction with Symwave® using their BioPrint® swipe fingerprint technology, the BioCert® ClipBio™ Pro 1GB Flash Drive uses advanced encryption methods and a secure biometric algorithm to authorize users access to their data on a secure partition on the ClipBio Pro.

Secured using AES 128 bit encryption, the secure partition of the BioCert® ClipBio™ Pro 1GB is only accessible when an authorized user swipes their fingerprint over the BioPrint® Sensor through the included Odyssey™ software.

On May 22nd, a story that shocked the nation was released to the press from the United States Department of Defense involving a Veterans Affairs employee having the personal data including the names, addresses medical conditions, and Social Security numbers of 26.5 Million US Veterans stolen from an unsecured disk located at his home.

Even though the Veterans Affairs Secretary, Jim Nicholson said there was no evidence that the data has been used for identity theft purposes, the fact that the data was in the hands of someone other than an authorized individual is a substantial breach of security and public trust. With personal identity theft representing a burgeoning problem throughout the US, this type of information being readily available represents a substantial risk to individuals, business, banking and eCommerce.

“Our BioCert® ClipBio™ Pro 1GB Flash Drive is designed to allow only authorized individuals to have access to your encrypted data stored on the secure partition. Customers have to authenticate their identity with a swipe of their fingerprint on the sensor. The ClipBio Pro is automatically recognized by PCs running the Windows XP operating system and the secure partition is only visible once the user is authenticated.

There are quite literally millions of these USB flash disks in circulation right now with all kinds of personal data on them including credit card numbers, credit reports, birth certificates, financial documents, tax returns and other readily identifiable personal data that could be used in identity theft.




Advertisement
All You Can Meet
Even though Government Employees are highlighted in the latest confidential information release scandal, business owners and executives don't fare much better with the protection of their "secure data". As an example, at many trade shows and conferences, industrial espionage is a legitimate concern as thieves are always looking to pick up a random BlackBerry, Cell Phone or unattended flash drive of an attending executive to gain competitive intelligence or confidential information.

The BioCert ClipBio and the new to be released iQBioDrive™ thwarts the would-be thieves and secures this confidential data with biometric security” states James Childers – CEO of Artemis Solutions Group (iQBio, Inc.)

Produced in conjunction with Symwave Corporation of San Diego California, the BioCert ClipBio Pro is powered by the Symwave BioPrint SW6888 swipe fingerprint IC.

"With increasing incidents of data theft, the need to secure portable devices is becoming increasingly important. We are excited to enable Artemis Solutions Group with our BioPrint fingerprint swipe sensor technology that provides both Security and Convenience to users of portable devices" says Jack Bell VP of Sales and Marketing at Symwave, Inc..

The BioCert ClipBio Pro is the first product from iQBio, Inc. to incorporate this sensor. iQBio, Inc. is currently in the process of developing a broad range of hardware and software products built around the SW6888 swipe sensor from Symwave including a 100GB iQBioDrive™ Secure Portable Storage™ Drive, desktop fingerprint sensor, integrated keyboard and optical mouse for PC Login, drive, file and folder encryption and single sign on (SSO) password capabilities for applications and websites. These products already in development and testing phases are expected to be released late Q2 or early Q3 2006.

In addition to the standard encryption and private directory software, the BioCert ClipBio Pro comes pre-bundled with a 30 day trial version of iQBioSync™ software developed in conjunction with Dmailer, Inc. iQBioSync allows the user to synchronize their information between PC's including documents, email and browser favorites. This software also allows a user to take their ClipBio Pro to any PC and use it as their own, with their data and email, even being able to send and receive email from a PC that does not have Microsoft Outlook Installed. A full version of the iQBioSync software can be purchased for $29.95.

The ClipBio Pro also includes a suite of open source portable applications including FireFox web browser, Thunderbird email client, OpenOffice Software Suite and ClamWin Antivirus. This suite of applications let any person take their ClipBio Pro to ANY PC with Windows XP loaded and run these applications directly from their flash drive leaving no trace of their application on the host PC. These products are distributed under the GNU open source license agreement. The iQBioSync software bundled with the Portable Application Suite allows any ClipBio Pro owner to open, save, share, store and email Microsoft Office fully compatible documents, pictures, spreadsheets, databases and other files directly from their ClipBio Pro. The complete BioCert ClipBio Pr solution offers a unparalleled combination of software portability and security – all with a swipe of your finger.

Functional, Stylish and Secure, The BioCert® ClipBio™ Pro is one of the most secure, innovative and advanced Personal Secure Portable Storage™ devices on the market. This plug-and-play Secure Portable Storage device may just become the most used accessory you own. Imagine, taking your files with you in an encrypted memory key that can only be opened with your fingerprint. At a value price point of $129.95 , the ClipBio Pro is perfect for Executives, Students, Business Owners, Bankers, Lawyers, Doctors and just about everyone else with a finger.

The BioCert® ClipBio™ Pro from Artemis Solutions Group is about to change the way you secure and travel with information. More information can be found on the web at www.clipbio.com.

About Artemis Solutions Group & iQBio, Inc. (www.iQBio.com) - ASG (www.artemis-usa.com) is a closely held, private security firm specializing in fingerprint biometric and smart card security solutions. With offices in the US, EU, Canada, Mexico and the United Kingdom, ASG sells directly and through its global network of resellers and system integrators best of breed biometric and smart card security systems to small & medium business and local government agencies throughout the world. ASG’s related company iQBio is tasked with design, supplier relations, manufacture and OEM manufacturing oversight and global sourcing, distribution and logistics of its solutions.

ASG markets a range of computer, software and consumer products under its properly registered and owned trademark BioCert® and BioSaf® through a network of domestic and international resellers and extensively on the Internet through their owned and operated websites.

About Symwave (www.symwave.com) - Symwave was founded in February 2001 by a team of leading analog/mixed signal IC design engineers. The BioPrint SW6888 swipe-type fingerprint IC solution is designed to provide fingerprint authentication and mouse-pad navigation functionality in power-sensitive and small form-factor application environments, such as mobile handsets, PDAs, laptop computers and direct-attached storage devices. The SW6888 combines proprietary sensing technology with ruggedized, small form factor design and leading-edge software, providing customers with a full fingerprint identification solution. The SW6888 swipe sensor was designed to be the most accurate, easily integrated, cost-effective fingerprint solution available for computing, consumer electronics and mobile devices.

About Dmailer (www.dmailer.com) - Located on the French Riviera and created in 2001, DMAILER is a privately held development and technology licensing company specialized in portable BACKUP & SYNCHRONIZATION software solutions for all sort of mobile devices (USB flash drives, Hard Disk drives, SD cards, mp3 players, iPods etc.). Our Mission is to provide the most innovative and best-in-class portable BACKUP & SYNCHRONIZATION software solutions for mobile device owners. We intend to be the leader in added value software for USB flash drives and mp3 players.

BioCert® and BioSaf® are registered trademarks of Artemis Solutions Group. iQBio™, iQBioSafe™, iQBioSync™, iQBioDrive™, Secure Portable Storage™ Odyssey™ Software and ClipBio™ are trademarks of Artemis Solutions Group. Symwave® and BioPrint® are registered trademarks of Symwave Inc.. All other trademarks are the property of their respective owners and companies.