October 16, 2013 Added by:Hani Banayoti
Consider encryption at rest but make informed decisions about its value and protection afforded.
September 25, 2013 Added by:Matt Neely
Unlike traditional third-party solutions where the vendor is responsible for all or most of the security controls in the cloud, there are often cases where security professionals are responsible for managing and maintaining key security controls.
July 30, 2013 Added by:Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes even incumbents are suddenly “on the bench” or “between projects” or “on overhead” . You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
July 17, 2013 Added by:Simon Moffatt
Two factor authentication solutions have been around for a number of years. While these additional processes certainly go some way to improve security, and reduce the significance of the account password, it highlights a few interesting issues, mainly that password based authentication is still a weak link.
July 11, 2013 Added by:Jan Valcke
Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.
July 04, 2013 Added by:Jon Long
Recently I have had opportunities to observe several auditors defend why they believe the controls contained in their client's SSAE 16 reports are relevant to internal controls over financial reporting (ICFR).
July 03, 2013 Added by:Phil Cox
On January 25, 2013, the U.S. Department of Health and Human Services (HHS) released the Omnibus Rule, which finalized all the former interim rules for Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) compliance.
July 01, 2013 Added by:Joe Franscella
How often do cybersecurity reporters like to tell attack victims' stories? How often are victims willing to go on record about them? Answers: frequently and never.
June 28, 2013 Added by:Phil Cox
Anybody who works with central IT staff at larger enterprises recognize the common questions around security and compliance from professional InfoSec teams. Here are some of the general guidelines that all InfoSec departments should consider when thinking about cloud deployments.
June 24, 2013 Added by:Larry Karisny
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. There is no "it won’t happen to me" anymore. We must immediately deploy prevention and detection technologies to our critical processes or frankly, we could lose it all.
June 19, 2013 Added by:Simon Moffatt
RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.
June 14, 2013 Added by:Vinod Mohan
Given the expanding threat landscape for the SMB and the increased demand for affordable IT security tools, here are five valuable tips for IT pros that help shed light on managing enterprise security on a budget.
June 04, 2013 Added by:Jon Long
"Irregardless" is not a word, and is not a substitute for irrespective or regardless. "Begging the question" is a logical fallacy, not a substitute for "...which raises the question...", and there is no such thing as an "SSAE 16 certification".
April 05, 2013 Added by:Simon Moffatt
As the devices becomes smarter, greater emphasis is placed on the data and services those devices access. Smartphones today come with a healthy array of encryption features, remote backup, remote data syncing for things like contacts, pictures and music, as well device syncing software like Dropbox. How much data is actually specifically related to the device?
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015