Guidelines for Secure Use of Social Media by Federal Departments and Agencies, v1.0

November 30, 2009

Risks

Federal Government information systems are targeted by persistent, pervasive, aggressive threats.

In order to defend against rapidly evolving social media threats, departments and agencies should include a multi-layered approach in a risk management program, including risks to the individual, risks to the department or agency, and risks to the federal infrastructure.

Social media technologies such as wikis, blogs, and social networks are vulnerable to the following methods/techniques of cyber attack: spear phishing, social engineering, and web application attacks.

The Threat

Federal Government information systems are targeted by persistent, pervasive, aggressive threats. This is well known and documented, as stated in May of 2009 by Margaret Graves, Acting CIO for the Department of Homeland Security.

Recommendations

The following are a series of strategies and recommendations for federal departments, agencies, and policy makers to minimize risk.

Policy Controls

The safe use of social media is fundamentally a behavioral issue, not a technology issue.

Policy addressing behavior associated with protecting data would likely cover current social media technologies as well as future technologies. Policies for Web 2.0 technologies, blogs, wikis, social media sites, mash-ups, cloud computing, Web 3.0, outsourced e-mail, and other new technologies will remain extensible and applicable.

Acquisition Controls

When Federal agencies use hosted information systems, such as social media websites, they must have some level of risk management, mitigation, and acceptance of residual risk.

Most social media websites have a service subscription model that provides additional capabilities, or may be able to provide federal agencies with additional capabilities for a fee. This has already been demonstrated through modifications to Terms of Service (TOS) agreements by GSA.

http://www.cio.gov/Documents/Guidelines_for_Secure_Use_Social_Media_v01-0.pdf


First anniversary of the 26/11 attacks, Indians mourned the martyrs

November 26, 2009

http://www.natgeotv.co.in/Programmes/Main.aspx?Id=449


Sarbanes-Oxley Act & Sections 302, 404, 409

November 25, 2009

The Sarbanes-Oxley Act of 2002, also known as the Public Company Accounting Reform and Investor Protection Act of 2002, is mandatory. ALL organizations, large and small, MUST comply.

Section 302

Corporate responsibility for Financial Activities

Public Company Officers must certify the accuracy of financial statements and must certify that statements fairly present the operations and financial condition of the issuer.

It also requires material information that is used to generate reports be retained and made available to the public.

It Affects

This directly affects the IT and security departments because it is primarily IT systems that generate these periodic reports and which control e-mail, the main method of communication within most organizations.

Section 404

Management Assessment of Internal Controls

Section 404 is the most pertinent section within SOX to issues surrounding information security. It addresses the necessity of corporate management to be fully accountable for the integrity of all data associated with their financials.

It states that management teams of public companies must establish and maintain adequate “Internal Controls” over their financial reporting systems to safeguard against unauthorized and improper use of financial information.

Internal Controls are defined as “all control methods a company uses to prevent, detect and correct errors and frauds that might get into financial statements”.

Section 409

Real Time Issuer Disclosure

Public Companies must be aware of, and declare, changes in their financial conditions or operations within 48 hours of material events. All events which could affect a company’s finances, stock price or intellectual property (among other things) must be captured, documented with a process that can be audited, and reported in a rapid fashion.

This includes operational risk with IT systems such as:

• Major or extended system outages
• Loss of critical data
• Security breaches
• Intellectual Property and Digital Rights Management issues
• Major computer virus and worm attacks


Pratibha Patil : First woman president to fly in a Sukhoi snaps taken from TV

November 25, 2009


Pratibha Patil : First woman president to fly in a Sukhoi

November 25, 2009

Pratibha Patil is making history by becoming the first woman president to fly in a Sukhoi. The 74-year-old Patil, who’s in a G-suit, will fly for 30 minutes from the IAF base at Lohegaon in Pune. Two Sukhois will escort the President’s flight.


US Visa Types for Temporary Visitors

November 23, 2009

Check out the types of visa for temporary visitors to the US.

*What the abbreviations (above) mean:
Before applying for a visa at a U.S. Embassy abroad the following is required:
DOL = The U.S. employer must obtain foreign labor certification from the U.S. Department of Labor, prior to filing a petition with USCIS.
USCIS = DHS, United States Citizenship and Immigration Services (USCIS) must approve a petition, filed by the U.S. employer (or U.S. citizen, for fiancé petitions).
SEVIS = Program approval entered in the Student and Exchange Visitor Information System (SEVIS)
(NA) = Not Applicable – Means that additional approval by other government agencies is not required prior to applying for a visa at the U.S. Embassy abroad.

Source: http://travel.state.gov/visa/temp/types/types_1286.html


Fastest Growing Energy Companies in Asia & US : Platts report

November 23, 2009

As per the Platts report

“Asian companies made up more than 20% of the 50 fastest growing companies list, and also took 30% of the top 10 places in the Refining & Marketing category. Reliance Industries and Indian Oil Corporation were first and second, with TonenGeneral Sekiyu of Japan third.”


VoIP services market grows to $20.7 billion

November 23, 2009

For the first half of 2009, the worldwide VoIP services market grew to $20.7 billion. Residential VoIP services remain healthy, comprising the majority of worldwide VoIP services revenue, and subscribers are up 14% from the end of 2008.

Some highlights of the Infonetics Research report:

* IP connectivity services currently make up about a third of total VoIP business service revenue, growing to 40% of the total by 2013

* The current sweet spot of the North American IP Centrex market is small business

  • Roughly two-thirds of all IP Centrex seats sold in the first half of 2009 went to small businesses

* While the largest VoIP services opportunities are in North America and EMEA (Europe, Middle East, Africa), demand for VoIP services is growing fast in Asia Pacific and Central and Latin America

* For the first half of 2009, Japan’s NTT, France Telecom, and Comcast in North America retain their leadership as the world’s largest residential VoIP service providers, together holding nearly 20% of the world’s VoIP subscribers

* The number of residential/SOHO VoIP subscribers is forecast to top 225 million by 2013

Source: http://www.infonetics.com/pr/2009/1H09-VoIP-and-UC-Services-Market-Highlights.asp


Social Media Sites

November 5, 2009

Social Networking

1. Digg-:

Digg is a place for people to discover and share content from anywhere on the web. From the biggest online destinations to the most obscure blog, Digg surfaces the best stuff as voted on by our users.

2. Flickr-:

Flickr – almost certainly the best online photo management and sharing application in the world

3. FriendFeed-:

FriendFeed is a service that makes it easy to share with friends online. It offers a fun and interactive way to discover and discuss information among friends.

4. LinkedIn-:

LinkedIn is an interconnected network of experienced professionals from around the world, representing 170 industries and 200 countries

5. Twitter-:

Twitter is a privately funded startup with offices in the SoMA neighborhood of San Francisco, CA. Started as a side project in March of 2006, Twitter has grown into a real-time short messaging service that works over multiple networks and devices.

6. YouTube-:

Founded in February 2005, YouTube is the leader in online video, and the premier destination to watch and share original videos worldwide through a Web experience.

YouTube allows people to easily upload and share video clips on http://www.YouTube.com and across the Internet through websites, mobile devices, blogs, and email.

7. reddit-:

Users like you provide all of the content and decide, through voting, what’s good and what’s junk.
Links that receive community approval bubble up towards #1, so the front page is constantly in motion and (hopefully) filled with fresh, interesting links.


Sachin Tendulkar: Stats

November 5, 2009

Sachin Tendulkar stats