Compliance / Managed Security / Regulations / Small Business / Tech Tips for Business Owners / Vulnerabilities

Compliance And Security: How Small Businesses Can Reduce Cost

Different facets of compliance management

Are you responsible for the ongoing effectiveness of your security strategy and compliance audits in your small business or organization?

Some of the main threats facing small businesses and organizations today include:

  • Data breaches,
  • The lack of  dedicated security expert on staff,
  • Being an easy target for hackers,
  • The tendency to mishandle device configuration settings  and
  • Staying in  compliance with state and federal laws and regulation.

A primary concern for any business owner is the guardianship of customer and business data from increasing external threats to security, and tougher compliance requirements in regulated industries.

As a matter of fact, today, organizations and businesses must manage, govern and ensure compliance for the overwhelming amount of data they produce, especially in the face of global legislation like CCPA and GDPR, rather than national regulations.” (more…)

Share

Comments Off on Compliance And Security: How Small Businesses Can Reduce Cost
February 21, 2020
Cloud Computing / Compliance / Enterprise Computing / Featured / Malware / Open Source / Security / Security Breach / Small Business / Vulnerabilities

Data Encryption Tools For The Mobile Business Executive

Infographic depicting various devices using data encryption.

Data encryption is not one of the security options most companies think of providing for their senior executives who use, and travel, with laptops, netbooks and tablets so they can stay productive even when on the road. This is even more true of corporate executives who sometimes demand anytime, anywhere access to data residing on corporate servers.

While the big corporations can afford to spend millions of dollars on data protection hardware and software., the same cannot be said of executives in small and medium-sized organizations, especially when it comes to loss of personal information, including credit card data, patient records or other financial information, stored by the company.

Data breaches happen and information is lost every day due to small mistakes that could have been avoided by using data encryption technologies. For small businesses, these data loss events can be devastating. (more…)

Share

Comments Off on Data Encryption Tools For The Mobile Business Executive
October 10, 2019
Compliance / Email and Spam / Privacy Matters / Security / Tech Tips for Business Owners

Why Your Small Business Or Organization Needs An Email Policy

Mail envelope containing a documenton on a computer screen.

Email is an important and necessary part of your business or organization. It provides an economical and instant means of communicating with staff, customers, and vendors – that’s both simple to use and enables increased efficiency. An email policy is required to protect this necessary business tool.

An email policy is a legal document that details your organization’s definition of acceptable use for the company email system. It should indicate who emails can be received from or sent to, as well as outline what constitutes appropriate content for work emails.

In addition, having an email policy will:

  • Protect the Organization from Liabilities:

When all employees read and sign an email policy, it proves they are aware and agree to the information contained in that policy. Should an email be sent that is not considered appropriate content according to the email policy, the employee, not the organization, would bear the brunt of liability for any damages or suits brought as a result of their sending an inappropriate email. (more…)

Share

Comments Off on Why Your Small Business Or Organization Needs An Email Policy
October 6, 2019
Compliance / Managed Services / Security / Tech Tips for Business Owners

Commercial Printers Need Patch Management for Better Productivity

Regular patch management is crucial for the security of the computer network of your business.

Patch Management by Tech PrognosisWhether it is from Microsoft, Adobe, Quark, Océ, Kodak, Xerox, or for SmartBoard, PitStop, Quite Imposing etc., patches are released by software vendors usually to address security issues or to provide bug fixes. Occasionally they enhance or add new features.

Because software security vulnerabilities are the most common ways through which malware can penetrate your computer network, patch management is a good security blanket. While antivirus solutions are great for detecting and removing malware once it is detected on your system, security patches are aimed at closing the doors that malware can use to reach to your system.

Since 2005, there have been over eleven million records breached, according to Privacy Rights Clearinghouse. And those are just from the publicly disclosed data breaches. The large majority of security vulnerabilities that led to those data breaches could have been fixed by applying the latest patches provided by software vendors. But as we know, commercial printers have unique environments with sometimes ridiculously outdated hardware and software – Novell 3.1 anyone? How about that DocuTech 1.0 with software that can only be fixed by that guy in California?

Then you have Canon, Xerox, and Océ with their servers and workstations that no one knows what they are doing other than we “just send files to them”. And you can’t update them either, or something will break. We still have a couple of those stuck on Windows XP, or Windows 7.

If you need more proof about the critical nature of patch management, according to ServiceNow, as noted in this article, a survey of nearly 3,000 cybersecurity professionals around the globe found that “almost half of organizations suffered a data breach in the last two years. Of these, the majority said that they had been breached because of a vulnerability—for which a patch was already available.” (more…)

Share

Comments Off on Commercial Printers Need Patch Management for Better Productivity
August 8, 2019
Cloud Computing / Compliance / Featured / Regulations / Security Breach / Software Patches / Web Technology

The DigiNotar Breach: Another Exposure of Negligence

In case you have not heard, another SSL Certificate provider, Dutch certificate authority DigiNotar, a subsidiary of Vasco Data Security, was breached recently and from the preliminary report coming from the company that did an audit, it looks pretty bad.

Some of the names in the list of bogus certificates generated by the attackers include Comodo, Google, Thawte, Microsoft, Mozilla, WindoswUpdate, WordPress’ MI6, the CIA, Facebook and Twitter. (more…)

Share

1 Comment
September 6, 2011
Compliance / Featured / Managed Services / Regulations / Security / Small Business

NBA Fines And Non-Compliance Lessons for SMBs

Regulations on the local, state and federal levels are on the rise and this is putting a lot of pressure on compliance efforts of Small and Medium-sized businesses (SMBs) and exposing the fact that these organizations can only avoid costly fines and/or lawsuits by maintaining strict compliance throughout their information management processes.

I found the recent fines levied by the NBA on two players – Kobe Bryant and Joachim Noah as a good lesson on the cost of non-compliance.

The NBA has consistently fined players who were in non-compliance of its rules and these violations range from the serious to what one could argue is the absurd – like kicking a ball in frustration, or throwing a basketball into the stands in celebration of a win.

Here is a sample of violations that could get an NBA entity in trouble:

  • derogatory slurs, flagrant fouls, speaking out against or complaining about poor officiating, altercations during a game, making comments about the collective bargaining negotiations, violating team rules,;
  • contact between NBA personnel and underclassmen, receiving 16,18 and 20 technical in one season [A player is automatically suspended for 1 game for his 16th, 18th, 20th etc technical foul in the regular season];
  • shoving another player in the face during a game, escalating an altercation, throwing a ball at a referee during a game, missing a shoot-around, fighting with a teammate, verbally abusing a referee;
  • leaving the court during a game, improper conduct toward a referee (whatever that means), conducting illegal draft workouts, failing to leave the court in a timely manner following an ejection;
  • removing jersey on the court, asking publicly to be traded or released, throwing a basketball into the stands during  game.

(more…)

Share

Comments Off on NBA Fines And Non-Compliance Lessons for SMBs
May 25, 2011