Blog
What You Need to Know About GDPR Compliance
By Roger Murray | April 4th, 2018 | Governance & IT Compliance
The General Data Protection Regulation (GDPR) is a regulation requiring businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. Every company conducting business within the EU will need to comply to these strict new rules by May 25th which will likely cause concerns and heightened expectations for security teams due to the broad, yet stringent nature of the GDPR requirements.
Hilton Data Breach Results in $700,000 Penalty
By Roger Murray | November 13th, 2017 | Governance & IT Compliance
Hilton Hotels reached a settlement this month with New York Attorney General Eric T. Schneiderman and Vermont Attorney General TJ Donovan following two breaches in 2015. The settlement totaled $700,000
Security Awareness Training & Compliance Requirements
By Roger Murray | July 13th, 2017 | Governance & IT Compliance
Did you know there are over 8,500 different Local, State, and Federal standards & requirements your organization may be required to comply with? This staggering number can come as a surprise to many. That’s why we’ve taken the time to compile a list of the most common standards which may require your organization to implement … Continued
Why Your Business Needs a WISP
By Roger Murray | December 29th, 2016 | Governance & IT Compliance
Not having a written information security program (WISP) for your business could be putting your data at risk of not only theft, but substantial legal/punitive damages. The laws in Massachusetts enforce strict guidelines to safeguard any personal information of individuals stored on your network. Sadly, many SMBs brush it off as a minimal danger that … Continued
New HIPAA Guidelines on Ransomware Disclosures
By Roger Murray | August 1st, 2016 | Governance & IT Compliance
The Department of Health & Human Services for Civil Rights (OCR) has issued guidance on how to manage the increasing frequency of ransomware attacks toward healthcare providers. Ransomware is a malware which encrypts data until a ransom is paid to the hacker, who in return, will hopefully issue the encryption key to unlock the data … Continued
Top 3 VOIP Security Risks
By Roger Murray | July 6th, 2016 | Governance & IT Compliance
In today’s day and age we have become familiar and hopefully cautious when receiving strange emails with a random file attached. It’s unlikely that we would give it a second thought before deleting. This is because we recognize the need for cyber security to limit the onslaught of digital threats we receive on a seemingly … Continued
Are you *REALLY* PCI Compliant?
By Roger Murray | June 23rd, 2016 | Governance & IT Compliance
If your business processes credit cards or other forms of electronic payment, it is required to meet the standards established by the Payment Card Industry (PCI). That means not only retailers, but any establishment that accepts card payments in their place of business. If you don’t maintain PCI standards for compliance and suffer a data … Continued
SQL Server 2005 End of Support Deadline
By admin | October 22nd, 2015 | Governance & IT Compliance
Effective April 12, 2016 Microsoft will no longer be supporting SQL Server 2005. This means that as of that date Microsoft will no longer be pushing out security updates or hot fixes and, as a result, your organization could be left facing vulnerabilities such as: – Impaired function of applications based off of the SQL … Continued
A New Credit Card Format and PCI Compliance
By admin | August 26th, 2015 | Governance & IT Compliance
Finally, we are almost there! The United States is following the lead of other industrialized nations and converting its credit card format from the current magnetic strip to a card that contains a built-in computer chip. The chip makes it more difficult for hackers to steal, and since each transaction generates a random code (or … Continued