Industries: Healthcare

Card image

Building malware defenses: Control email, web browsers, and ports

Michelle Drolet

Another staple in a series examining the Center for Internet Security’s best practices. Our last article looked at applying Critical Security Controls 4, 5, and 6 to your organization, covering vulnerability assessment, administrative privileges, and audit logs. Now it’s time to move on to CSCs 7, 8, and 9. Email programs and web browsers are

Read more

3 Minute 32 Second Read

Card image

Applying more Critical Security Controls to your organization

Michelle Drolet

The last time we looked at how Critical Security Controls (CSC) can help you build your InfoSec framework, we covered getting a handle on your software and your hardware inventories. Today, we’re going to discuss the importance of continually assessing and remediating vulnerabilities, keeping a tight control of administrative privileges, and monitoring your audit logs.

Read more

3 Minute 33 Second Read

Card image

Cover your top 7 basic security threats first

Michelle Drolet

When it comes to infosec, many of the most core basics are being overlooked. Many of the most obvious areas where security can be tightened up with little effort are being blatantly ignored. Are you doing your level best by covering the basics? Below are seven potential vulnerabilities. Most of these can be tackled without

Read more

3 Minute 25 Second Read

Card image

How CSC can help build your InfoSec framework

Michelle Drolet

Critical Security Controls is a set of best practices devised by the Center for Internet Security, a nonprofit dedicated to improving cybersecurity in the public and private sectors. Cyberattacks are costing businesses between $400 billion and $500 billion per year, depending on which analysts you listen to. Cybersecurity has never been a hotter topic. The

Read more

3 Minute 49 Second Read

Card image

The evil that lurks inside mobile apps

Michelle Drolet

The Enterprise is at risk from malware and vulnerabilities hiding within mobile apps. You have to test your mobile apps to preserve your security. Mobile apps are ubiquitous now, and they offer a range of business benefits, but they also represent one of the most serious security risks ever to face the enterprise. The mixing

Read more

3 Minute 44 Second Read

Card image

5 myths about data encryption

Michelle Drolet

Encryption has a bad rap and far too often protection schemes are deployed foolishly without encryption in hopes of protecting data. t’s a heartache, nothing but a heartache. Hits you when it’s too late, hits you when you’re down. It’s a fools’ game, nothing but a fool’s game. Standing in the cold rain, feeling like

Read more

3 Minute 44 Second Read

Card image

‘Get Smart’ when it comes to using cloud-based services for file sharing

Michelle Drolet

Encrypting data on your own might be the smartest move. For those of you old enough to remember the TV comedy series “Get Smart” featuring a spy that used his shoe for a phone, the good guys belonged to an agency called “Control,” and the bad guys were affiliated with “Chaos.” This month “Get Smart”

Read more

3 Minute 14 Second Read

Card image

10 Things I Know About… Mass. data security rules

Michelle Drolet

10. You need a WISP. A written information security policy, or WISP, is vital. Make sure there’s a person in charge of enforcing it. 9. Always encrypt data. Sensitive data, especially personally identifiable information, must be encrypted at all times, from the server, to the cloud, to a laptop or USB drive. 8. Check your

Read more

1 Minute 20 Second Read

Card image

Software vulnerabilities hit a record high in 2014, report says

Michelle Drolet

Are you patching quickly enough? How safe is the software you use? Do you have a system in place to identify vulnerabilities and patch them when they are discovered? How quickly do you react to vulnerability reports? There’s evidence that software vulnerabilities are on the rise, and few companies are taking the necessary action to

Read more

3 Minute 10 Second Read

Card image

Using third-party vendors? Keep a close eye on them

Michelle Drolet

Cybersecurity is only as strong as the weakest link. If your organization is using third-party vendors, policing their activity is critical to cybersecurity. Few can forget the theft of 110 million customer credit cards from Target in December 2013. But not as many know how hackers gained access to such a vast amount of sensitive

Read more

3 Minute 45 Second Read