Security 101 - Learning Center
Let’s learn about Security & Compliance!
Not sure which way is up or down in the security & compliance world? What’s the difference between Risk Management and Risk Assessment? Look no further. Here you will find security training and educational articles to help you navigate the most common information security and compliance areas.
10 Essential Security Steps for Tech Startups
In the rapidly evolving digital landscape, technology startups are increasingly vulnerable to cyber threats and data breaches. On top of that… [read more]
What is the difference between PCI-DSS, HIPAA, SOC 2, NIST 800-171, NIST 800-53, ISO 27001 & FedRAMP?
The world of security and compliance can be an alphabet soup of acronyms and standards, but what do they all mean? What is the difference between … [read more]
Top 5 Most Effective Things a Company Can Do To Improve Their Cybersecurity
Cybersecurity has become a top priority for companies in today’s digital world. With the increasing number of cyber attacks, companies need to ensure they have proper measures in place to protect their sensitive data and systems. In this article, we will discuss the top 5 most effective things a company can do to improve their cybersecurity… [read more]
What are IT Security Policies?
IT Security Policies are written documents which outline the standards your company will use to protect its data, employees, and customers. Policies will outline the operation and security requirements that employees must meet when … [read more]
What is the ADPPA Privacy Act?
A new US data privacy bill aims to give you more control over information collected about you – and make businesses change how they handle data … [read more]
What is a Security Risk Assessment?
A Security Risk Assessment (or SRA) is an assessment that involves identifying the risks in your company, your technology and your processes to verify that controls are in place to safeguard against security threats. Security risk assessments are typically … [read more]
What is Penetration Testing?
You have probably heard the term Penetration Testing thrown around in security conversations, or seen it listed in a compliance requirements list, but what exactly is a penetration test? The short answer is this: A penetration test… [read more]
What is a SOC Audit?
SOC is an acronym that stands for Service Organization Controls and is an audit of a company’s controls that are in place to help ensure the Security, Availability, Processing Integrity, Confidentiality and Privacy of their customers’ data… [read more]
What is a Disaster Recovery Plan?
A Disaster Recovery Plan (DRP) is a documented process or set of procedures to execute an organization’s disaster recovery process and recover a business IT infrastructure in the event of a disaster… [read more]
How to Prevent Ransomware Attacks In Your City Network
You may have read in the news lately about a new and growing threat to municipal computer networks, ransomware attacks. These attacks can be crippling, and can shut down entire cities for weeks or even months… [read more]
Ten IT Security Policies Every Organization Should Have
IT security policies are pivotal in the success of any organization. They are the backbone of all procedures and must align with the business’s principal mission and commitment to security… [read more]
How to secure a remote workforce
One of the only constants in IT is change. And over the past few months, IT has been tasked with the gargantuan task of keeping large, not-so-well prepared companies afloat in these strange times. The rapid shift to remote workforces has taken everyone by surprise… [read more]
Learn more about SOC & NIST 800-53 Compliance
Both SOC 2 and NIST 800-53 play a large role in regulatory compliance. Both aim to protect data in the cloud and are critical in today’s environments to ensure information security. The SOC 2 Framework and NIST 800-53 Publication go hand-in-hand, and adhering to both sets of controls will provide your company with sufficient data protection… [read more]