Category: Uncategorized

New Information Systems Security  Self-assessment Guide Hits The Streets 0

New Information Systems Security Self-assessment Guide Hits The Streets

In September, the National Institute of Standards and Technology (NIST) released a security self-assessment guide to help both governmental agencies and civilian commercial organizations with a standardized assessment tool to verify and validate their security implementations.

Recognizing that security of operational and customer information and the systems that process the information are a fundamental responsibility for IT management, organizations need to:
· Plan for security
· Ensure that the appropriate personnel are assigned specific security responsibilities
· Authorize system processing prior to operations regularly thereafter

These management responsibilities presume that responsible officials understand the risks and other factors that could adversely affect their goals. Furthermore, E-commerce and other information systems managers must clearly understand the current status of their security programs and the controls in place prior to making informed judgments and investments that appropriately mitigate risk to acceptable levels.

NIST is recommending self-assessment as one vehicle to measure information …


Give Me Liberty Or Give Me Microsoft!

In early October 2001, Sun Microsystems and 32 charter member companies formed the Liberty Alliance to give Microsoft’s Passport technology a run for its money.

In a move to solve the identity services growing crisis of proliferating IDs and passwords, Project Liberty ( aims to offer federated identity services to the billion or so customers represented within the alliance. The alliances’ principle of federated ID services is in direct contrast to MS Passport and .Net services from Microsoft. The alliance grows concerned that a centralized solution like Passport gives a provider too much control over personal information, and is too irresistible to pass up cross-marketing possibilities.

While the Liberty Alliance has no specification yet, the members are engaged a dialogue to develop a common approach to identity services on the Internet without compromising privacy controls or centralizing too much control within a handful of companies.

Comparing Services Here’s a quick …


CashX Prepaid Visa Cards For Online Payments

CashX is the first prepaid Visa card that enables online payments wherever Visa-branded cards are accepted.

CashX cards are currently available through select retail outlets in the Southwest US, including 96 Giant gas stations and on campus at Arizona State University. CashX cards will soon be available on the CashX Web Site ( as well. Based out of Scottsdale, Arizona, CashX began operations in 1999 in partnership with: Total System Services, Columbus Bank and Trust, and Visa USA to provide the pre-paid card issuance and processing platform as an alternative to traditional credit, debit, and charge cards.

CashX cites these benefits to using the cards:
* Buying Power – shop everywhere online that accepts Visa
* Simplicity – easy to get and easy to use
* Security – protection against credit card fraud
* Savings – great deals with coupons, sales, and specials
* Flexibility – shop with CashX from …


CyberSource Internet Fraud Screen enhanced by Visa 5.0

Unquestionably, the biggest obstacle to the future of successful online business today is credit card fraud. According to Meridien Research, without any technological investments in fraud detection and prevention, worldwide credit card fraud will represent $15.5 billion in losses in 2005. If merchants adopt technology now to help screen credit card orders prior to processing, the widespread use of this technology is predicted to cut overall losses by two-thirds to $5.7 in 2005.

The Internet Fraud Screen (IFS) system enhanced by Visa, from Cybersource Inc. ( is intended as one of these technologies to reduce credit card fraud orders. It automatically screens online orders in real time to both minimize fraud risk and maximize automated sales conversion.

CyberSource and Visa USA ( are co-developing, promoting and expanding the capabilities of the CyberSource Internet Fraud Screen 5.0 enhanced by Visa. The Cybersource and Visa USA relationship is also involved in the …


It’s No Mirage, It’s Our Tech Oasis

For quite some time, Arizona has been one of the most cost-effective states in the country to operate a technology business in. The cost of living is lower here than in many states offering similar levels of business support resources, including available staff.

There are many technology groups in the Valley…networking groups that help Arizona tech businesses and the community in a number of ways. These organizations tend to give back to the community much more than they take. One organization that I have recently become a part of again is irecon, at irecon (all lower case) is just one example of a number of Arizona technology groups that go to extremes to serve the community. Several members of irecon are members of the board of the East Valley Boys and Girls Club. They participate in events, provide guidance to the organization and even assist in the area of …


Gigs-To-Go; World’s Smallest USB HDD Device Proves It’s Worth Its Weight In Platinum

It’s small, it’s light, and it has a leather jacket that makes it look better-dressed than most people I know. It’s the world’s smallest multi-gig USB HDD storage device, and it’s poised to take the country by storm.

While others I know have been bragging about little sticks of memory that plug into USB ports and give you about the same storage as a ZIP disk before breaking your wallet, a Scottsdale, Arizona-based company, Anypak Peripheral Devices, Inc. has quietly been preparing itself to lead the portable storage market. Anypak’s new USB 2.0 2.5″ Hard Disk Drive Type storage device is backward-compatible with older USB ports and holds 20, 30 or up to 40 Gigabytes of storage. It contains a mini hard drive and a USB interface. All of this in a tiny package that is more narrow than a pack of cigarettes, and just about as tall. It weighs …


Mastercard’s Response to the Online Payments Quandary

Now that 2016 is well underway (thank heavens!), it’s time to take a sneak peek into another major industry initiative that will affect how you process credit cards online beginning later in 2002. For purposes of equal coverage and to set the stage for next month’s Computer Buyer column on Cyota Inc., it’s instructive to examine what Mastercard International has been up to in securing payment card transactions.

Since it’s apparent that the Secure Electronic Transaction (SET) coffin has received its final set of nails by Visa and MasterCard (at least in the US), two payment card protocol specifications are on developer radar screens, and we’ll be seeing a bevy of products that support BOTH the Verified by Visa (aka VbV, aka 3-Domain Secure, aka Visa Authenticated Payments, aka Visa Payer Authentication) and Mastercard’s Secure Payment Application (SPA). This month, we’ll take a closer look at SPA.

Mastercard Objections to …


Cyota’s SecureSuite Accelerates Internet Credit Card Payments

In response to increasing pressure by the bankcard associations — Visa and MasterCard — to improve the security of online credit and debit card payments, Cyota Inc. of New York is rapidly signing up major US banks and acquirers across the country to their SecureSuite service.

SecureSuite is being offered as an Application Service Provider (ASP) model to issuer banks that supports Visa’s Verified by Visa (VbV) service, MasterCard’s Secure Payment Application (SPA), and other card security mechanisms intended to help eliminate card fraud and unnecessary costly processing related to card-not-present transactions.

In December 2001, Bank of America launched the VbV service to their cardholders and in January 2002 First USA Bank launched VbV to First and Bank One cardholders. In January, Visa began a nationwide TV advertising campaign for Verified by Visa to increase awareness and encourage cardholders and merchants to sign-up and participate. Both banks are employing the


CK Ads are cool!

“There is no aphrodisiac like innocence,” wrote the uncanny French philosopher Jean Baudrillard in his autobiography Cool Memories ten years ago. Perhaps he was thinking of all those suggestive Calvin Klein billboards and TV spots of a 15-year-old Brooke Shields bragging that “Nothing comes between me and my Calvins,” to which we were subjected in the early ’80s.1 Despite his mush-mouthed protests to the contrary, it’s obvious that Klein was still banking on the erotic selling power of innocence when he hired photographer Steven (Madonna’s Sex) Meisel to create a ’70s low-budget teensploitation porno-looking ad campaign for his increasingly un-hip designer jeans last year. However, despite the incredibly shrill response to Klein’s “exploitation of the innocence of children” on the part of well-intentioned child welfare advocates and Catholic League mothers across the nation (a response which was — surprise, surprise — incredibly profitable for Klein), nowhere in the resulting media …


Making Good Media Advertisments

Near the end of the last century, manufacturers discovered that associating their products with identifiable characters helped customers remember their product names. This observation — so obvious to us now — was a major revelation to the businesses of the time. As competition increased, the need for more effective advertising also increased. Ad characters proliferated. Most characters eventually fall by the wayside when the public loses interest in them. A few, such as the Quaker Oats man, Aunt Jemima, and Mr. Peanut, have proved so effective that they are still going strong nearly a century after their introduction.…