Pratum Blog

ISSA Des Moines Chapter Meeting
DATE: 2/22
TIME: 11:30 (Please RSVP for a box lunch - cost $9.00)
LOCATION: BCSSI West Des Moines ( for directions)
TOPIC: "Oracle Security Risks" by Stephen Kost, CTO Integrigy Corporation

For most IT security professionals, the Oracle Database is a security challenge due to the complexity of the database and lack of database experience, especially as these databases often contain an organizations most critical data. This presentation will focus on a few of the highest risk and most difficult to solve security risks in an Oracle Database environment including security vulnerabilities, password weaknesses, and generic privileged access. To highlight the unrealized risk of security vulnerabilities in the database, a number of actual patched and un-patched security issues will be demonstrated. In order to mitigate these risks, resources and best practices for securing an organization's database will be discussed.

Stephen Kost is the Chief Technology Officer for Integrigy Corporation. He has been writing about and presenting on Oracle security and auditing for the past 11 years. He has worked with Oracle products since 1994 in many roles including database administrator, technical architect, IT security auditor, and applications administrator.

The Des Moines chapter of the Information Systems Security Association (ISSA) will be holding our monthly meeting on Monday January 25th from 11:30 to 1:00pm in West Des Moines.  Jim Libersky from the Barrier Group will be presenting "Inspecting all 7 OSI layers simultaneously and putting it all together is more important today than ever". 

The Barrier Group will also be sponsoring the meeting and providing lunch for all attendees.  Please contact me to RSVP and get directions to the meeting location.

Presenter: Jim Libersky
Topic: "Inspecting all 7 OSI layers simultaneously and putting it all together is more important today than ever". 
Date: 1/25/2010
Time: 11:30 - 1:00
Cost: Free

The Connecticut Attorney General’s office has announced it is filing a lawsuit against Health Net of Connecticut for failure to protect personal health information (PHI) covered under HIPAA. The recent Health Information Technology for Economic and Clinical Health (HITECH) Act gives states attorneys general the authority to pursue legal action for HIPAA violations on behalf of the residents of their states.

This case is significant as it is the first action taken by an attorney general under these new guidelines. We should follow this case closely to see what the impact will be on other states. While each district court may rule differently, this nonetheless creates precedence and case law where none exists today.

Any organization with PHI in your possession, take note. This enforcement action has been taken less than 12 months into this new legislation. You can expect to see more of this in the news very soon. Please protect your data so you are not the next poster child for poor data protection practices.

Get our blog posts delivered to your inbox:

The information we track while users are on our websites helps us analyze site traffic, optimize site performance, improve our services, and identify new products and services of interest to our users. To learn more please see our Privacy Policy.