Uncategorized

Recently, my colleague Justin Kittle and I had the opportunity to present/discuss HIPAA Compliance in the AWS cloud with the Indianapolis Amazon Web Services (IndyAWS) meetup. We had a great time, especially with the good amount of healthy discussion and questions that were asked.

Justin serves as the IT Operations Manager for OurHealth, and I serve as the Director of Information Security. Our presentation covered the following topics:

• Healthcare and HIPAA definitions
• HIPAA requirements
• HIPAA eligible AWS services
• The AWS Shared Responsibility Model
• Meeting AWS’ compliance model

Links to the presentation materials are below:

• Youtube video recording
• Slides on SlideShare

Thanks!

-Noah

Well, for the third year in a row, I am pleased and humbled to announce that I was named a Cisco Champion for Security!

Here was the text of the email I received from the folks at Cisco that run the program:

Because of your impactful and valuable contributions to the IT community, you have been chosen out of hundreds of nominees to be part of the 2017 Cisco Champions program. Congratulations!

Cisco Champions is a global group of highly influential IT technical experts who enjoy sharing their knowledge, expertise, and thoughts across the social web and with Cisco. The Cisco Champions program encompasses people with interests across Cisco’s technology portfolio, including Data Center, IoT, Enterprise Networks, Collaboration, and Security.

I have truly enjoyed being a part of the Cisco Champions program over the past few years, including guest hosting the Cisco Champions Radio podcast, collaborating with other Cisco Champions on the Cisco Forums and in our Spark channels, and more!

Read More

Well, it’s official. I was pleasantly surprised to find out that for the second year in a row, I was named a Cisco Champion for Security!

Here was the text of the email I received from the kind folks at Cisco:

Hi Cisco Champions,

Because of your impactful and valuable contributions to the IT community, you have been chosen out of hundreds of nominees to be part of the 2016 Cisco Champion program. Congratulations!

Cisco Champions are a group of highly influential IT technical experts who enjoy sharing their knowledge, expertise, and thoughts across the social web and with Cisco. The Cisco Champion program encompasses a diverse set of areas such as Data Center, Internet of Things, Enterprise Networks, Collaboration, and Security. Cisco Champions are located all over the world.

I am humbled and honored to be named a Cisco Champion for Security in 2016. My original blog post regarding the 2015 announcement can be found here.

I truly enjoyed working with Cisco as part of the Champions program last year, including guest hosting the Cisco Champions Radio podcast, collaborating with other Cisco Champions on the Cisco Forums, and more! I look forward to doing more this year.

Read More

I am honored and pleased to announce that on September 30, 2015, I was presented with the 2015 ISC2 America’s Information Security Leadership Award (AISLA) in the Up and Coming Security Professional category!

Per ISC2’s press release:

“The Americas ISLA program recognizes the achievements of outstanding cyber and information security professionals who have led an industry initiative, program or project resulting in a more proficient, resilient workforce in Central, North and South America.”

(ISC)² CEO David Shearer says, “I’m proud to recognize deserving cyber, information, software and infrastructure professionals for improving industry workforce standards. We had an impressive pool of candidates this year. In fact, the submissions we received in the Senior Information Security Professional category were so outstanding that the judges chose three exceptional recipients. Congratulations all of the recipients, finalists and nominees who were a part of our fifth annual Americas ISLA program.”

Full press release can be found here: Press Release – Americas ISLA 2015 Recipients

More details on the AISLA program can be found here: https://www.isc2.org/aisla/default.aspx

Additionally, shameless plug, but I have posted this to my LinkedIn page as well.

Another day, another awesome looking tool. This time I’d like to introduce Gitrob, a tool that searches GitHub for sensitive company data.

As the developer/author Michael Henriksen points out in his blog post introducing the tool:

Gitrob is a command line tool that can help organizations and security professionals find such sensitive information. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information.

Much more detailed information, including how it works, is available in Michael’s blog post: http://michenriksen.com/blog/gitrob-putting-the-open-source-in-osint/

Not surprisingly, Michael has hosted the Gitrob code on GitHub here: https://github.com/michenriksen/gitrob

-Noah

After about three weeks of waiting, my Nest thermostat finally arrived. Well, three of them to be exact. One is for my house and the other two are for my Dad (one for my parents’ house and one for his office). So, with Valerie’s help, I set out to unbox and install my new Nest thermostat!

Step 1: Open the FedEx Package containing my new Nest thermostat. Looks like the guys at Nest did a good job of making sure these little guys didn’t get damaged in transit. Can’t ever have too much brown paper!

Read More

Just yesterday I was comparing the new Android OS-based HTC Evo and iPhone 4G’s hardware specifications and features as my 2-year contract with AT&T is up. With the supposed announcement of the iPhone 4G at Apple’s Worldwide Developer Conference, I wanted to determine my best course of action when purchasing a new phone (as it would most likely lock me into another 2-year contract).

As I was digging through a few news articles online, I found a few that mentioned AT&T had changed it’s pricing model for data plans. Wait WHAT?! For the past few years AT&T and Apple had touted the fact that you could pay $30 a month and have unlimited data on your iPhone (and subsequently iPad as well).

Today I found an article that pretty well sums up my feelings on the matter. Per Gizmodo: AT&T Just Killed Unlimited Wireless Data and Screwed Everybody in the Process

To recap AT&T’s new data plan structure: The $30 unlimited iPhone/iPad data plan is killed/gone (but existing subscribers will still be able to keep their existing unlimited plan/be grandfathered in). In its place, DataPlus w/200mb for $15/month, DataPro w/2gb for $25/month. This chart from Gizmodo’s article may make it easier to understand:

Read More

Apparently the suspicious knockoff iPhone that was found in a bar in Redwood City, California, is the real deal. It is the ACTUAL iPhone 4G!

For more info, see Gizmodo’s post here: http://gizmodo.com/5520164/this-is-apples-next-iphone

Per Gizmodo, here’s whats new:

• Front-facing video chat camera
• Improved regular back-camera (the lens is quite noticeably larger than the iPhone 3GS)
• Camera flash
• Micro-SIM instead of standard SIM (like the iPad)
• Improved display. It’s unclear if it’s the 960×460 display thrown around before?it certainly looks like it, with the “Connect to iTunes” screen displaying much higher resolution than on a 3GS.
• What looks to be a secondary mic for noise cancellation, at the top, next to the headphone jack
• Split buttons for volume
• Power, mute, and volume buttons are all metallic

Read more, including the changes from the current iPhone 3G norm