Blog
Your Firewall Doesn’t Work the Way You Think It Does. An Introduction to Log Monitoring and Auditing
By Jeremy Louise | May 8th, 2019 | Business Operations Governance & IT Compliance
As part of my role at TSI, I meet with a wide range of different businesses. More often than not, when I ask about their current log monitoring efforts, people aren’t even sure what this really does, and are surprised to find how unequipped they’re cyber security strategy is. In this piece, I’d like to … Continued
Congress Revisits IoT Legislation: What You Need to Know
By Chris Souza | April 18th, 2019 | Business Operations Governance & IT Compliance
I was having lunch with one of my long-term MSP clients the other day, and we were discussing what the next ten years of his business might look like in relation to the technological advancements taking place all around us. He was particularly excited about the implications of the Internet of Things (or “IoT” for … Continued
10 Questions to Validate Your Security Strategy
By Jeremy Louise | December 3rd, 2018 | Governance & IT Compliance Network Security
There’s so much information out there about hacks, threats and cyber security in general that it can be natural to feel overwhelmed and fatigued. You understand that the consequences of leaving your business exposed are severe – but at the same time, you don’t know where to begin to address them. You may even have … Continued
The Era of the vCIO: What Is It and Does It Really Matter?
By Chris Souza | October 18th, 2018 | Governance & IT Compliance
As someone with several decades of experience as a managed services provider under my belt, I’m often struck by how quickly technology continues to change the world around us. Thanks to IT, entire industries have been disrupted over the last few years to the point where they barely resemble the initial functions from where they … Continued
To Comply, or Not to Comply: The Strategic Approach to IT Compliance
By Chris Souza | September 20th, 2018 | Governance & IT Compliance
I was talking to a prospective client the other day and the subject of DFARS/NIST DoD compliance came up. Obviously, cyber security is one of the most pressing issues of our age and when you’ve got the Department of Defense watching over you, that’s a pretty big deal. I asked him a little bit more … Continued
What You Need to Know About GDPR Compliance
By Roger Murray | April 4th, 2018 | Governance & IT Compliance
The General Data Protection Regulation (GDPR) is a regulation requiring businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. Every company conducting business within the EU will need to comply to these strict new rules by May 25th which will likely cause concerns and heightened expectations for security teams due to the broad, yet stringent nature of the GDPR requirements.
Hilton Data Breach Results in $700,000 Penalty
By Roger Murray | November 13th, 2017 | Governance & IT Compliance
Hilton Hotels reached a settlement this month with New York Attorney General Eric T. Schneiderman and Vermont Attorney General TJ Donovan following two breaches in 2015. The settlement totaled $700,000
Security Awareness Training & Compliance Requirements
By Roger Murray | July 13th, 2017 | Governance & IT Compliance
Did you know there are over 8,500 different Local, State, and Federal standards & requirements your organization may be required to comply with? This staggering number can come as a surprise to many. That’s why we’ve taken the time to compile a list of the most common standards which may require your organization to implement … Continued
How To: Guard Against HIPAA Privacy Breach Fines & Violations
By Roger Murray | January 16th, 2017 | Governance & IT Compliance
In 2016, the Health Insurance Portability & Accountability Act (HIPAA) collected over 23 Million in Civil Money Penalties (CMPs) related to businesses violating patient data privacy provisions. Over half of the cases involved organizations who failed to even have a proper risk assessment conducted. The cost for violating HIPAA privacy protections continue to grow, which … Continued
Why Your Business Needs a WISP
By Roger Murray | December 29th, 2016 | Governance & IT Compliance
Not having a written information security program (WISP) for your business could be putting your data at risk of not only theft, but substantial legal/punitive damages. The laws in Massachusetts enforce strict guidelines to safeguard any personal information of individuals stored on your network. Sadly, many SMBs brush it off as a minimal danger that … Continued