Archive for 'Technical Security Standards' Category
Infotex is finally ready to say something about the Equifax Breach, the Ultimate Educational Moment. This Jolley | Hadaway article will explain why we’ve been silent, ’til now!
Failure to deprovision former employees presents a real risk to businesses. An article review. When terminating an employee you probably make sure that they turn in keys, access cards, and any other physical access credentials, but how sure are you that their electronic credentials have been revoked? A new study being highlighted by CIO Insight […]
Dan has whittled all the noise to five resources a Small Business Owner should investigate (and utilize).
32 TB of Windows 10-related source code is now available, for better or for worse… An article review. Releasing the source code for a project has been a common practice among some developers for decades now–proponents say allowing any interested parties to view the code makes for safer systems, preventing sneaky back doors and unintentional […]
These titles should be on every professional’s list. An article review. If there’s one thing you can take away from the most recent installment of our annual T7 article, it’s that the threats we face when securing IT assets are a diverse and constantly evolving lot. That’s why staying current is one of the most […]
While the credit card industry-backed program has good aspects, it should not replace the SOC-2. With the number of different security standards–and ways to test those standards–out there, it can be difficult to stay on top of just what is required, compliance wise, for a specific situation. Case in point, we recently had a client with […]
Not having strong policies surrounding shared passwords could make your data a hostage An article review. Do you know who is in control of the various account credentials used by your organization’s employees? One Indianapolis company is, but only after a fired employee held a vital password hostage for $200,000 according to an article in […]
Residing almost entirely in memory, these new attacks are much harder to combat An article review. Our friend Wes Pollard at Home Bank turned us on to this story from Ars Technica about a rash of new malware attacks with a new twist: they reside almost entirely in a computer’s memory. Traditional attacks have installed […]
“Mal-Configured Secure E-Mail . . .” A new risk arises as Secure Messaging Enters the Late-Majority Adoption Phase! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . So we’re auditing a bank and they send us files using their shiny new “Secure E-Mail System” and guess […]
Process Flow for Institutions . . . and why Dan loves the Cybersecurity Assessment Tool! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Real quick: What should you do to get started on understanding the new Cybersecurity Assessment Tool (and its impact on future […]