ALL THINGS INFOSEC RSS

When you walk into a local store to buy a computer, many folks automatically assume that the products being sold there are safe by default, right?  Afterall, new products won't have bad content installed from a manufacturer...or will they? Check out this article, and see what you find out:  Rootkits hidden in computers   Protect your business, protect your clients.© We are the leverage you need.© We're here to help.©  TAI, Inc.©  2020 © DataSecurityPlan.Com.  All Rights Reserved.

For many who have never worked within INFOSEC, it can seem to be a very rigid industry, akin to the perception of perfection, i.e., whole and complete, seemingly untouchable with an impenetrable shield, which can sound similar to operating within an IRS or other government structure.  As you start to peel back the layers in time, you may find that perfection doesn't exist, yet there is fluidity and flexibility in often unexpected areas. Similar to humanity you will find that no perfection exists within business programs as there is a constant juggling act with balancing costs, operational functions, effective use...

ATTENTION ALL TAX PREPARERS AND FTC-DESIGNATED FINANCIAL INSTITUTIONS!!! Change is coming to the FTC GLBA Safeguards Rule.  Are you ready? Do you currently manage a security program for your business? Are you aware of the difference between completing a data security plan and effectively managing an information security program? Does the FTC consider your small business to be a financial institution, though you may not actually be operating as a financial institution? Do you know which steps you need to take to develop an information security program? We can provide you with affordable services in helping you to improve the...

DSPs are one key artifact supporting a larger information security program.  They are especially valuable in that they hold a wealth of information displaying the security posture of a program.  Multiple artifacts exist within an information security program, supporting the ultimate goal of mitigating information security risks of a program to a manageable level, such as business continuity plans, incident response plans, policies that showcase how business is conducted and more.  One key point to remember is that information security isn't about meeting a checklist of requirements, though comprehensive information must be included within programmatic documents:  Instead the larger and...

In reviewing the current GLBA requirements and recent discussions regarding proposed updates, no current safe harbor options exist for companies subject to GLBA; however, implementing a mature government framework such as NIST (and similar) will certainly reduce the possibility of compromise, where the focus is on risk mitigation versus checklist completion efforts. Protect your business, protect your clients.© We are the leverage you need.© We're here to help.©  TAI, Inc.©  2020 © DataSecurityPlan.Com.  All Rights Reserved.