Inside the Stanford Breach: Sexual Assault, Disciplinary and Financial Data Exposed

A series of cybersecurity vulnerabilities at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations, disciplinary actions and more. The details of what happened—and why it should be an object lesson for higher education. A special three-part blog series.
云计算时代来临,IT外包是个大方向,除了技术和市场销售之外,云服务商的IT服务管理也是核心竞争力,组织的信息安全人员需更多考虑IT外包服务中的IT服务安全管理。
Craig A. Newman of Patterson Belknap writes:
Part 1
In three separate data security incidents over the past year at Stanford University, thousands of digital files were left exposed for months – perhaps longer – that contained details of sexual assault investigations, disciplinary actions and financial aid decisions on the school’s campus-wide IT network.

In a post Friday, the school admitted that “misconfigured permissions” – the gateways used to access databases and files – on two of the school’s file-sharing programs exposed “reports of sexual violence and some confidential student disciplinary information from six to 10 years ago” and “the personal information of nearly 10,000 non-teaching staff who were employed throughout the university in August 2008, as well as confidential financial aid information for MBA students.”
安泰科技控股子公司成立合资公司
Read more on Patterson Belknap Data Security Law Blog.
渗透测试对保护网络安全十分重要,聘请独立的商业黑客进行渗透攻击方面的测试,对于发现信息安全防护方面的弱点和问题很有帮助,这些并不是自身很容易发现和修复的安全隐患。

猜您喜欢

触摸智造北京站 中国制造业上云难:数据安全困局待破
智能穿戴设备的安全议题探讨及建议
Cyber Security Law 网络安全法宣传视频系列001
当今国际上自称永不参战的9个国家
CREAMU GLOBALAPO
EHS专员想都不敢想的EHS动画教程