Security Policy Development & Implementation Archives - Page 6 of 10

2015 International Compendium of Data Privacy Laws

Michelle Drolet

Privacy and data protection issues confront all organizations—whether you handle employee information, credit card data, sensitive financial information, or trade secrets. Securing data is a daunting task that is further complicated by cross-border transfer issues and the differences in privacy laws around the world. The team at BakerHostetler has developed a prompt and practical PDF

0 Minute 21 Second Read

Ransomware is only getting worse. How do you prepare for it?

Michelle Drolet

Ransomware-as-a-service, help desks, third parties — all point to a mature yet illegal enterprise undergoing serious growth. Here are tips to protect yourself and your company. Ransomware is big business. Over the last few years we’ve observed the steady rise of ransomware, with some trepidation. It is fast becoming a multi-billion dollar business, and it’s

3 Minute 49 Second Read

5 Information Security Trends for 2016

Michelle Drolet

Online security trends continue to evolve. This year, online extortion will become more prevalent. We also expect that at least one consumer-grade IoT smart device failure will be lethal. Ransomware will make further inroads, since the majority go unreported. China will drive mobile malware growth to 20M, and cybercrime legislation will take a significant step

3 Minute 16 Second Read

Building malware defenses: Control email, web browsers, and ports

Michelle Drolet

Another staple in a series examining the Center for Internet Security’s best practices. Our last article looked at applying Critical Security Controls 4, 5, and 6 to your organization, covering vulnerability assessment, administrative privileges, and audit logs. Now it’s time to move on to CSCs 7, 8, and 9. Email programs and web browsers are

3 Minute 32 Second Read

Applying more Critical Security Controls to your organization

Michelle Drolet

The last time we looked at how Critical Security Controls (CSC) can help you build your InfoSec framework, we covered getting a handle on your software and your hardware inventories. Today, we’re going to discuss the importance of continually assessing and remediating vulnerabilities, keeping a tight control of administrative privileges, and monitoring your audit logs.

3 Minute 33 Second Read

‘Get Smart’ when it comes to using cloud-based services for file sharing

Michelle Drolet

Encrypting data on your own might be the smartest move. For those of you old enough to remember the TV comedy series “Get Smart” featuring a spy that used his shoe for a phone, the good guys belonged to an agency called “Control,” and the bad guys were affiliated with “Chaos.” This month “Get Smart”

3 Minute 14 Second Read

10 Things I Know About… Mass. data security rules

Michelle Drolet

10. You need a WISP. A written information security policy, or WISP, is vital. Make sure there’s a person in charge of enforcing it. 9. Always encrypt data. Sensitive data, especially personally identifiable information, must be encrypted at all times, from the server, to the cloud, to a laptop or USB drive. 8. Check your

1 Minute 20 Second Read

Why every business needs a WISP

Michelle Drolet

Non-compliance is a risk, and the Attorney General’s office carries a big stick for those who don’t follow the rules. If you don’t have a written information security program (WISP) in place for your business, then you could be risking data theft, legal action, and punitive fines. The law in many states now dictates that

3 Minute 55 Second Read

Using third-party vendors? Keep a close eye on them

Michelle Drolet

Cybersecurity is only as strong as the weakest link. If your organization is using third-party vendors, policing their activity is critical to cybersecurity. Few can forget the theft of 110 million customer credit cards from Target in December 2013. But not as many know how hackers gained access to such a vast amount of sensitive

3 Minute 45 Second Read

Don’t be mad at ransomware attackers, be grateful

Michelle Drolet

Falling victim to a ransomware attack is most definitely inconvenient, but it could also serve as a wake-up call to the importance of backing up important data. You’re minding your own business, sitting at your office computer. Suddenly, a pop-up appears – with the logo of the FBI – warning that you’re under investigation for

4 Minute 26 Second Read

Our Cybersecurity Solutions

Virtual Security Officer

We Advise

Industries

Trends & Threats

Knowledge Hub

Our Company

Solutions: Security Policy Development & Implementation

Ransomware is only getting worse. How do you prepare for it?

5 Information Security Trends for 2016

Building malware defenses: Control email, web browsers, and ports

Applying more Critical Security Controls to your organization

‘Get Smart’ when it comes to using cloud-based services for file sharing

10 Things I Know About… Mass. data security rules

Using third-party vendors? Keep a close eye on them

Don’t be mad at ransomware attackers, be grateful

Talk with us now about:

Your security needs.

Call 774.204.0700

Email Us