The Five Most Shocking Things About the ChoicePoint Debacle

From a recent CSO Online article, The Five Most Shocking Things About the ChoicePoint Debacle:

Maybe it was the fact that this wasn't a hack. Personal information of nearly 145,000 people wasn't stolen from ChoicePoint. In fact, the company sold
the information to inadequately vetted bogus businesses—this when the
company itself helps other businesses verify creds. Maybe it was that
the people whose information was compromised
weren't customers of ChoicePoint, just accidental citizens of the vast
databases of the Alpharetta, Ga.-based information broker. Maybe it was
the way that ChoicePoint behaved after the breach: from an initial,
bumbling response that smacked of marketing, to a changing story about
what had happened and how the company was responding, to the revelation
that top executives had sold millions of dollars worth of stock between
the time the fraud was discovered and when it was announced to the

Or maybe it was this last twisted bit of irony: ChoicePoint chairman
and CEO Derek V. Smith had recently written two books about how
individuals can protect themselves in the information age.

You can't make this stuff up.

This article firmly clarifies the inherent fallacies in
information brokers.  They gather their information serendipitously,
purport to be experts in privacy, but are huge target for attackers.  The
information they contain is probably more valuable then most banks contain in their
vaults, but they secure it like old sales figures.  This article has too
many quotes worth reprinting, just find some time to read through it.


Big Firewalls reviewed

I just read a lengthy review
of enterprise firewalls that have all the add-ons: Deep packet inspection, IDP,
VPN, and High Availability.  Security Pipeline got all the big boys together:
Check Point Software Technologies' Next Generation With Application
Intelligence, CyberGuard Corp.'s TSP 7100 Security Appliance, Fortinet's
FortiGate-3600 Antivirus Firewall 2.8, Juniper Networks' NetScreen-ISG 2000,
Secure Computing's Sidewinder G2 and Symantec Corp.'s Symantec Gateway Security
5460 Appliance.
The bottom line: Jupiner pulled out ahead
due to raw performance and Fortinet pulled in a close second due to
affordability.  It was noted that the IDP add-on for the Juniper firewall was
not available for the test.
This is good news because I currently resell both Juniper and Netscreen.  It's nice to know that I am the right path regarding vendors.  I am still looking for a
good review for mid-sized products.  Check out the full review at:

A New Beginning

I have finally decided to jump on the blog bandwagon.  I have to
come to realize that my life up until recently was spent watching and
learning.  Now I am acting on the wisdom I have learned over the
years and would like to share what I have learned so far, plus what I
will learn as I fail and succeed in the future.  I thank you for
joining me and look forward to adding to the pool of knowledge.