Blog
The Era of the vCIO: What Is It and Does It Really Matter?
By Chris Souza | October 18th, 2018 | Governance & IT Compliance
As someone with several decades of experience as a managed services provider under my belt, I’m often struck by how quickly technology continues to change the world around us. Thanks to IT, entire industries have been disrupted over the last few years to the point where they barely resemble the initial functions from where they … Continued
To Comply, or Not to Comply: The Strategic Approach to IT Compliance
By Chris Souza | September 20th, 2018 | Governance & IT Compliance
I was talking to a prospective client the other day and the subject of DFARS/NIST DoD compliance came up. Obviously, cyber security is one of the most pressing issues of our age and when you’ve got the Department of Defense watching over you, that’s a pretty big deal. I asked him a little bit more … Continued
What You Need to Know About GDPR Compliance
By Roger Murray | April 4th, 2018 | Governance & IT Compliance
The General Data Protection Regulation (GDPR) is a regulation requiring businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. Every company conducting business within the EU will need to comply to these strict new rules by May 25th which will likely cause concerns and heightened expectations for security teams due to the broad, yet stringent nature of the GDPR requirements.
Hilton Data Breach Results in $700,000 Penalty
By Roger Murray | November 13th, 2017 | Governance & IT Compliance
Hilton Hotels reached a settlement this month with New York Attorney General Eric T. Schneiderman and Vermont Attorney General TJ Donovan following two breaches in 2015. The settlement totaled $700,000
Security Awareness Training & Compliance Requirements
By Roger Murray | July 13th, 2017 | Governance & IT Compliance
Did you know there are over 8,500 different Local, State, and Federal standards & requirements your organization may be required to comply with? This staggering number can come as a surprise to many. That’s why we’ve taken the time to compile a list of the most common standards which may require your organization to implement … Continued
Why Your Business Needs a WISP
By Roger Murray | December 29th, 2016 | Governance & IT Compliance
Not having a written information security program (WISP) for your business could be putting your data at risk of not only theft, but substantial legal/punitive damages. The laws in Massachusetts enforce strict guidelines to safeguard any personal information of individuals stored on your network. Sadly, many SMBs brush it off as a minimal danger that … Continued
New HIPAA Guidelines on Ransomware Disclosures
By Roger Murray | August 1st, 2016 | Governance & IT Compliance
The Department of Health & Human Services for Civil Rights (OCR) has issued guidance on how to manage the increasing frequency of ransomware attacks toward healthcare providers. Ransomware is a malware which encrypts data until a ransom is paid to the hacker, who in return, will hopefully issue the encryption key to unlock the data … Continued
Top 3 VOIP Security Risks
By Roger Murray | July 6th, 2016 | Governance & IT Compliance
In today’s day and age we have become familiar and hopefully cautious when receiving strange emails with a random file attached. It’s unlikely that we would give it a second thought before deleting. This is because we recognize the need for cyber security to limit the onslaught of digital threats we receive on a seemingly … Continued
Are you *REALLY* PCI Compliant?
By Roger Murray | June 23rd, 2016 | Governance & IT Compliance
If your business processes credit cards or other forms of electronic payment, it is required to meet the standards established by the Payment Card Industry (PCI). That means not only retailers, but any establishment that accepts card payments in their place of business. If you don’t maintain PCI standards for compliance and suffer a data … Continued
SQL Server 2005 End of Support Deadline
By admin | October 22nd, 2015 | Governance & IT Compliance
Effective April 12, 2016 Microsoft will no longer be supporting SQL Server 2005. This means that as of that date Microsoft will no longer be pushing out security updates or hot fixes and, as a result, your organization could be left facing vulnerabilities such as: – Impaired function of applications based off of the SQL … Continued