Archive for 'Technical Security Standards' Category
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
A Timeline Update as of 02/22/21 An update to our Newest Employee’s FIRST Technical Article Another interim post-mortem review . . . . A Note About Updates: We have decided to leave the original article as it was originally posted and to update this post with any changes that have been made. You can see […]
A Timeline as of 01/24/2021 Our Newest Employee’s FIRST Technical Article Another interim post-mortem review . . . . A Note About Updates: We are leaving this article as is, but for any updates to the timeline, check the Autopsy of the SolarWinds Hack Timeline Update article! – Vigilize Introduction: As the managing […]
A Webinar-Movie Short Back by popular demand! Our Board Awareness Training program continues with this movie, entitled Vulnerability Management for Directors, that can be presented directly to your board of directors.
Known to be vulnerable since 2005, the algorithm will be phased out over the next several months… An article review. Things can move slowly in the world of cryptography, and for evidence of that one needs to look no further than SHA-1–the hash algorithm introduced in 1995, found to be vulnerable to attack in 2005 […]
Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]
The first in our guest author series, this article by Eric Kroeger and Jason Mikolanis explains the difference between patch and vulnerability management.
It’s like a recall on your car… A Jolley | Hadaway Article. If you like to stay current on technology news, you’ve probably found it hard to ignore the recent stories about a major security problem with Intel processors, and the rush from software and hardware companies to mitigate the issue. Most of the solutions […]
Infotex is finally ready to say something about the Equifax Breach, the Ultimate Educational Moment. This Jolley | Hadaway article will explain why we’ve been silent, ’til now!
Failure to deprovision former employees presents a real risk to businesses. An article review. When terminating an employee you probably make sure that they turn in keys, access cards, and any other physical access credentials, but how sure are you that their electronic credentials have been revoked? A new study being highlighted by CIO Insight […]