Are you responsible for the ongoing effectiveness of your security strategy and compliance audits in your small business or organization?
Some of the main threats facing small businesses and organizations today include:
Data breaches,
The lack of a dedicated security expert on staff,
Being an easy target for hackers,
The tendency to mishandle device configuration settings and
Staying in compliance with state and federal laws and regulations.
A primary concern for any business owner is safeguarding customer and business data in the face of increasing external threats to security and tougher compliance requirements in regulated industries.
As a matter of fact, organizations and businesses today must manage, govern and ensure compliance for the overwhelming amount of data they produce, especially in the face of global legislation like CCPA and GDPR, rather than national regulations.
Data encryption is not one of the security options most companies think of providing for their senior executives who use, and travel with, laptops, netbooks and tablets so they can stay productive even when on the road. This is even more true of corporate executives who sometimes demand anytime, anywhere access to data residing on corporate servers.
While the big corporations can afford to spend millions of dollars on data protection hardware and software, the same cannot be said of executives in small and medium-sized organizations, especially when it comes to loss of personal information, including credit card data, patient records or other financial information, stored by the company.
Data breaches happen and information is lost every day due to small mistakes that could have been avoided by using data encryption technologies. For small businesses, these data loss events can be devastating.
Email is an important and necessary part of your business or organization. It provides an economical and instant means of communicating with staff, customers, and vendors that is both simple to use and enables increased efficiency. An email policy is required to protect this necessary business tool.
An email policy is a legal document that details your organization’s definition of acceptable use for the company email system. It should indicate who emails can be received from or sent to, as well as outline what constitutes appropriate content for work emails.
In addition, having an email policy will:
Protect the Organization from Liabilities:
When all employees read and sign an email policy, it proves they are aware of and agree to the information contained in that policy. Should an email be sent that is not considered appropriate content according to the email policy, the employee, not the organization, would bear the brunt of liability for any damages or suits brought as a result of their sending an inappropriate email.
Regular patch management is crucial for the security of the computer network of your business.
Whether it is from Microsoft, Adobe, Quark, Océ, Kodak, Xerox, or for SmartBoard, PitStop, Quite Imposing etc., software vendors usually release patches to address security issues or to provide bug fixes. Occasionally they enhance or add new features.
Because software security vulnerabilities are the most common ways through which malware can penetrate your computer network, patch management is a good security blanket. While antivirus solutions are great for detecting and removing malware once it is on your system, security patches are aimed at closing the doors that malware can use to reach your system.
Since 2005, there have been over eleven million records breached, according to Privacy Rights Clearinghouse. And those are just from the publicly disclosed data breaches. The large majority of security vulnerabilities that led to those data breaches could have been fixed by applying the latest patches provided by software vendors. But as we know, commercial printers have unique environments with sometimes ridiculously outdated hardware and software – Novell 3.1 anyone? How about that DocuTech 1.0 with software that can only be fixed by that guy in California?
Then you have Canon, Xerox, and Océ with their servers and workstations, where no one knows what they are doing other than that we “just send files to them”. And you can’t update them either, or something will break. We still have a couple of those stuck on Windows XP or Windows 7.
If you need more proof about the critical nature of patch management, according to ServiceNow, as noted in this article, a survey of nearly 3,000 cybersecurity professionals around the globe found that “almost half of organizations suffered a data breach in the last two years. Of these, the majority said that they had been breached because of a vulnerability—for which a patch was already available.”
In case you have not heard, another SSL certificate provider, Dutch certificate authority DigiNotar, a subsidiary of Vasco Data Security, was breached recently, and from the preliminary report coming from the company that did an audit, it looks pretty bad.
Some of the names in the list of bogus certificates generated by the attackers include Comodo, Google, Thawte, Microsoft, Mozilla, WindowsUpdate, WordPress, MI6, the CIA, Facebook and Twitter.