HIPAA is one of the essential provisions that seek to safeguard the interests of patients as well as organizations covered under the act. In spite of repeated awareness campaigns, organizations still trip up when it comes to preparing for a HIPAA security assessment. As online threats that seek to penetrate into healthcare systems grow more advanced, the need for a security policy that can protect the...
Read More
Dynamic technological development has made IT security a matter of paramount importance and concern to all companies in the healthcare sector which has seen large-scale data breaches worryingly often in recent times. Forbes reports the exposure of a staggering 4.1 billion compromised records due to data breaches in the first half of 2019. Such data breaches cost the healthcare $6.5 million on an average, a...
Read More
Assume for a moment the following events happened within the past few days at ABC Company located in Anytown, USA: A kitchen fire on another floor in the building resulted in a building evacuation at 1pm on Monday The internet connection went down at headquarters at 8am on Tuesday A junior employee’s laptop, placed in an overhead bin, was stolen sometime during a late morning...
Read More
Cybersecurity has taken a center stage in the business world of the 21stcentury. As a majority of business and financial operations are conducted in the form of interactions between computer systems over the internet, the threats to business processes from sophisticated cyber-attacks are also increasing at an alarming rate. In such a scenario it becomes imperative for organizations to conduct professional cybersecurity assessments on a time-bound...
Read More
Just about every device nowadays is equipped with a wireless radio. This has made life easier for IT teams: Network cabling no longer needs to run to every desk, every system, or every printer. The conference room now has a Smart TV, a wireless sound system, and every employee and executive carries two, three, or even four wireless devices (laptop, phone, tablet, and smart watch)....
Read More
A hacked website represents a company that is not only closed for business, but also subject to potential finger-wagging in the media. As of 2019, every single website should be secured with an SSL certificate—at a minimum. There are more and more resources that offer free SSL certificates and the installation of these certificates is getting easier and easier to accomplish, even for the lay...
Read More
Security on the web is of paramount importance and it is clear: Compromised credentials are the principal vector of cyber-attacks. With breaches and compromises happening regularly, there is one easy way to vastly improve account and operational security: multi-factor authentication. The most common form of multi-factor authentication is two-factor authentication, a method of ensuring identity by requiring not just the traditional username and password but...
Read More
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FISMA – the Federal Information Security Modernization Act – requires that agencies authorize the information systems that they use. FedRAMP is FISMA for the cloud. The FedRAMP Policy Memo requires Federal Agencies to use FedRAMP when assessing,...
Read More
Information Security Risk Management, in simple terms, is an ongoing process through which risks related to the use of information technology are first identified and then addressed. To achieve this goal certain steps come into play starting with identifying the risks, then assessing them, followed by treating them depending on each organization’s resources. Treating security risks based on the organizations policy is the final objective...
Read More
The advancements made in technology are staggering. Consider this for a moment: We carry smartphones in our pockets that have considerably more computing power than was housed in entire buildings in the 1960s. Furthermore, our pocket-sized phones are mobile computing platforms with the power to not only make and receive worldwide calls wirelessly, they can browse the internet, stream music, take and edit high-resolution photographs...
Read More
