Not just because it is becoming an issue of compliance. . . We all know the plot of your typical heist movie – a group of robbers seeks out special bits of information, such as PIN numbers, keycards, FOBs, and even biometrics, all to relentlessly gain entry to a secured vault. These vaults use several […]

Dan is joined by a Panel to discuss the FFIEC’s New AIO Guidance and how it may impact Technology Planning in the future.

Has the security effectiveness of VPNs passed? Another Technical Article by Tanvee Dhir! Why under scrutiny? VPNs (Virtual Private Networks) have been a cardinal piece for secure internet browsing for decades. They offer a secure and encrypted tunnel to transfer your data over the network whether in a home or an enterprise environment. Different vendors […]

Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of  IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]

A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]

Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]

A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]

Lessons Learned from Zoom’s Rise… The only constant is change. An illustration of impermanence in information security. Zoom’s popularity is in a large part thanks to its ease of use and low cost. How can you go wrong with an application that is popular, cost effective, and easy to use? Good question, easy answer: security. […]

As more offices rely on working remotely, hackers are working to take advantage… An article review. As concerns over the coronavirus continue to mount, more Americans than ever are working remotely from their homes…and hackers are looking to take advantage of the situation.  That’s according to the Department of Homeland Security’s Cybersecurity and Infrastructure Security […]