Tag Archives: Information Security

Mac Security Myths

No product or service can claim absolute security. Any that do should be met with a good measure of prudent skepticism. Let’s be clear: I’m not singling out Apple as a creator of inferior products or saying they don’t make quality products – far from… Continue reading

Windows 7 & Server 2008 – Time to Upgrade

The end of 2 beloved and notorious operating systems Microsoft Windows 7 & Server 2008 R2 is upon us. As of January 2020, Windows 7 and Windows server 2008 will no longer be supported. Much like you may remember the end of life for Windows… Continue reading

Why You Need HTTPS on Your Website

Most any web user can tell you when they visit a website that uses HTTPS. They know this by the green lock in browser or the HTTPS (vs. HTTP) in the address bar. This indicates that you can generally trust your connection to the site… Continue reading

Social Engineering Examples

Social engineering is a threat that faces organizations from small business to large enterprises. As we’ve explored multiple times on this site, there are few organizations that are truly prepared to address these types of threats. Social engineering attempts to coax, cajole, and manipulate others… Continue reading

Why Security Awareness Training

Enterprises invest in all the latest security technologies but often neglect an absolute fundamental component of information security – end users. Organizations can employ the best technology practices of next generation firewalls, anti-malware and intrusion prevention system. Corporations these days understand security should be ‘baked… Continue reading

WannaCry Ransomware – 5 Lessons Learned

Unfortunately malicious software is an everyday occurrence. As of Friday May 12th a massive ransomware attack dubbed WannaCry infected over 230,000 Windows computers in over 150 countries. It’s spread was fast and furious. WannaCry ransomware held the victims computer/data for ransom by encrypting it. Among… Continue reading

Addressing the Insider Threat

Technology is a powerful tool in assuring the confidentiality, availability and integrity of your critical data – but it is no failsafe. Even the best of breed technology deployed in a layer approach (defense in depth) will have flaws. The most well meaning and resourced… Continue reading

Protecting Against Malicious USB

If you found a random USB device what would you do with it? Would you be curious and plug it into your computer to find what juicy secrets it holds? Or would you leave it where you found it? Most often, unsuspecting, ill-informed users take… Continue reading

Average Cost of Data Breach Increases to $4M in 2016

Data breaches are no joke, they bring real risks & serious quantifiable costs. A data breach is a security incident in which sensitive or confidential information is copied, transmitted or stolen by an unauthorized party. This data can be anything from credit card records, PHI… Continue reading

Is Your Email HIPAA Compliant

Most health care providers and medical practices understand the basics of HIPAA compliance but often miss critical technical or operational details that leave them out of compliance. These technical details are far from inconsequential. Take the example of email. Many health care organizations (covered entities)… Continue reading