Stay up to date on the latest tech trends, IT news, and cybersecurity threats with our educational blog.

Audit / Compliance

Incorporating your lessons learned for Pandemic contingency planning considerations

Due to the ubiquity of technology within any business, contingency planning is a company-wide effort. Not only the planning, but the execution of the plan at any level will require the cooperation of business managers and technology managers.

Learn More
Cybersecurity Maturity Model Certification (CMMC)

From a quick assessment on what has been published thus far on the CMMC regulation and its overall goal, it appears that contractors lack of information security will no longer be tolerated by the DoD. Beginning with the introduction of the new regulation to the public in January of 2020, it is expected that new contractual requirements will include CMMC starting in June of 2020, and enforcement for current contractors starting in September of 2020.

Learn More
Understanding HIPAA: Starting with the Rules

The Health Insurance Portability and Accountability Act of 1996 establishes requirements for healthcare organizations with respect to ensuring security and privacy of protected healthcare information (PHI) and electronic protected healthcare information (ePHI). Broadly speaking, the overarching HIPAA principle for this type of data is that it is to remain private.

Learn More
Why Microsoft Office 365 Secure Score Isn't Enough

Microsoft Secure Score. If you’re an IT administrator or security professional in an organization that uses Office 365, then you’ve no doubt used the tool or at least heard the term. It started as Office 365 Secure Score, but it was renamed in April 2018 to reflect a wider range of elements being scored.

Learn More
How to approach the General Data Protection Regulation (GDPR) with a security framework

GDPR has been in place since May 25th, 2018 and has already been used in legal actions against companies, with over 200,000 cases reported within this first year. The law is expected to make a notable impact on companies, as it has considerable fines and penalties. Even when compared to HIPAA and FISMA, GDPR has the most threatening teeth of any law to date.

Learn More
Framework or Crash, the Choice is Yours!

Are you using a framework to establish your information security program? If not, I get it; it’s complicated. On a second thought, have you lost your mind? If you are starting from scratch, there is a knowledge barrier that appears to be very steep. Once you see it, you undoubtedly ask yourself, “is it worth the climb?”  Then, the next time you get on an airplane, ask yourself, “are pre-flight checklists worth the effort?”

Learn More
Characteristics of a Relevant Information Security Program: Communications

In a business environment where resources are limited, compliance requirements abound, and budgets are constantly challenged to meet cost containment targets, this article will explore a strategy to align information technology (IT), information security (IS), system and data owners (SDO), aka: your business units, and leadership.

Learn More
Why 14 Characters?

This blog/article/rant will cover a brief background of password cracking as well as the justification for SynerComm’s 14-character password recommendation.

Learn More
Intro To Active Directory Delegation

One of the most frequent questions I get from my CircleCityCon/DerbyCon Active Directory talk goes something like "You recommend that we delegate permissions in AD (as opposed to just dropping everything in Domain Admins), but I just inherited this domain and have no idea what delegation is. Help?" Well good news: 1) Delegation in AD isn't […]

Learn More
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram