Articles In Uncategorized

By Ken Phelan, Posted in Uncategorized

Game theorists like to look at game play as a way of modeling human behavior. One of their favorite games is called the prisoner’s dilemma. You’ve probably heard of it. In summary, it goes like this: You and a partner commit a crime. You’re not caught in the act, but the police bring you both downtown for questioning. The police put you in separate rooms and question you. At this point, the following outcomes are possible: Option 1 - You both keep quiet and each spend one year in jail... read more.

  • February 12, 2020

By Nancy Rand, Posted in Uncategorized

May 31, SecurityWeek – (International) 65 million users affected by Tumblr breach. Tumblr officials reported that as a precaution, they have reset all their customers’ passwords after an Australian security researcher found that a hacker under the online name, “peace_of_mind” posted the information of 50 million Tumblr accounts on a darknet Web site called, “The Real Deal” for a small sum of money. The same hacker was also seen selling millions of records of LinkedIn,, and Myspace users. Source ... read more.

  • June 01, 2016

By Nancy Rand, Posted in Uncategorized

May 20, The Register – (International) 60 percent of Androids exposed by new attack on mediaserver. A security researcher from Duo reported that about 60 percent of enterprise Android phones running Lollipop version 5 operating system (OS), KitKat version 4.4, and Marshmallow version 6 OS were susceptible to a Qualcomm Secure Execution Environment (QSEE) vulnerability after researchers discovered the flaw in the mediaserver component that could allow an attacker to gain complete control over the device by t... read more.

  • May 23, 2016

By Ken Phelan, Posted in Uncategorized

In Richard Thaler’s new book, Misbehaving: The Making of Behavioral Economics, he explains a number of risk management behaviors that are currently frustrating the IT Risk world. It’s a great read, and I highly recommend it if IT risk is part of your job. One of his discussions surrounds a group of senior executives at a large corporate conglomerate. He offered them the following scenario: Suppose you were offered an investment opportunity for your division that will yield one of two payoffs. After th... read more.

  • January 20, 2016

By Ken Phelan, Posted in Uncategorized

Every business builds itself around the needs for three constituencies - customers, employees, and owners. The CEO acronym is an easy way to remember them. There is always a balance, but generally one of them has a priority role. Customer-driven businesses start with customer experience as their priority. A lot of retail organizations have this focus. Nordstrom’s comes to mind. Service industry’s often make employees a priority, knowing that a good employee will make the service product shine. Starbucks... read more.

  • November 06, 2015

By Ken Phelan, Posted in Uncategorized

One of the things I like really like about my job is that I spend a lot of time out of my office, visiting clients. Conference calls and web meetings are fine, but nothing communicates like a face-to-face interaction. When you go to someone’s office you simply understand the situation better. One of the telling things I often run into in this physical inspection is something I call Cap-X bloat. Many organizations are fine when it comes to buying things, but they often don’t have the time to implement the... read more.

  • October 15, 2015

By Nancy Rand, Posted in Uncategorized

September 16, Reuters – (National) Homeland Security websites vulnerable to cyber attack: Audit. The Office of the Inspector General for DHS released a report September 15 citing several deficiencies within DHS’s information systems, including lapses in internal systems used by several agencies that may allow unauthorized individuals to gain access to sensitive data, and the need to establish a cyber-training program for analysts and investigators, among other findings. Source September 16, Threatpost –... read more.

  • September 18, 2015

By Ken Phelan, Posted in Uncategorized

It’s a longstanding joke among technologists. The only problem with technology is the people who use it. I think the joke needs an update. The only problem with technology platforms is applications. I was talking to some of my virtual desktop friends the other day. We were talking about their challenges in keeping a stable platform in the face of the corporate chaos. Every day brings new underlying challenges. There are new applications. There are new security requirements on a regular basis. Even the fo... read more.

  • September 08, 2015

By Ken Phelan, Posted in Uncategorized

I was out at Black Hat last week and I thought I’d sum up some of the things I learned for those of you who couldn’t make it - Top 10 things I learned at Black Hat: Hackers don’t look like they do in the movies. Well, some do, but not the majority of them. Hacking is less emo than you think. It’s also more boring than it looks on the movies. It’s really a long process of finding vulnerabilities in an environment and matching them to exploits. It’s more like data analysis than playing some kind of vid... read more.

  • August 19, 2015

By Timothy Karl, Posted in Uncategorized

Starting with Presentation Server 4.5, Citrix introduced a feature called Proximity Printing. This feature allows an administrator to control the assignment of network printers based on a user’s location using a combination of session printer policies and filters, e.g., mapping a network printer based on a client IP address, or a range of client IP addresses. With XenApp 6 and later versions, the client IP address filter changed, and the option to enter an IP address range was removed. The only option wi... read more.

  • July 09, 2015