Archive for 'Technical Security Standards' Category
Understanding Patch Management
It’s like a recall on your car… A Jolley | Hadaway Article. If you like to stay current on technology news, you’ve probably found it hard to ignore the recent stories about a major security problem with Intel processors, and the rush from software and hardware companies to mitigate the issue. Most of the solutions […]
Cybersanity in the Incident Response Age
Infotex is finally ready to say something about the Equifax Breach, the Ultimate Educational Moment. This Jolley | Hadaway article will explain why we’ve been silent, ’til now!
Forgotten But Not Gone: The Ex-Employee Risk
Failure to deprovision former employees presents a real risk to businesses. An article review. When terminating an employee you probably make sure that they turn in keys, access cards, and any other physical access credentials, but how sure are you that their electronic credentials have been revoked? A new study being highlighted by CIO Insight […]
Small Business Resource Page
Dan has whittled all the noise to five resources a Small Business Owner should investigate (and utilize).
When You Accidentally Go Open Source
32 TB of Windows 10-related source code is now available, for better or for worse… An article review. Releasing the source code for a project has been a common practice among some developers for decades now–proponents say allowing any interested parties to view the code makes for safer systems, preventing sneaky back doors and unintentional […]
Ten Must-Reads For Information Security Awareness
These titles should be on every professional’s list. An article review. If there’s one thing you can take away from the most recent installment of our annual T7 article, it’s that the threats we face when securing IT assets are a diverse and constantly evolving lot. That’s why staying current is one of the most […]
Digital Security Standard Compliance: Is It Enough?
While the credit card industry-backed program has good aspects, it should not replace the SOC-2. With the number of different security standards–and ways to test those standards–out there, it can be difficult to stay on top of just what is required, compliance wise, for a specific situation. Case in point, we recently had a client with […]
A Password Management Horror Story
Not having strong policies surrounding shared passwords could make your data a hostage. An article review. Do you know who is in control of the various account credentials used by your organization’s employees? One Indianapolis company is, but only after a fired employee held a vital password hostage for $200,000, according to an article in […]
In-Memory Malware Hitting Banks Across The Globe
Residing almost entirely in memory, these new attacks are much harder to combat. An article review. Our friend Wes Pollard at Home Bank turned us on to this story from Ars Technica about a rash of new malware attacks with a new twist: they reside almost entirely in a computer’s memory. Traditional attacks have installed […]
Alarming Recurring Finding
“Mal-Configured Secure E-Mail . . .” A new risk arises as Secure Messaging Enters the Late-Majority Adoption Phase! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . So we’re auditing a bank and they send us files using their shiny new “Secure E-Mail System” and guess […]