Cyber and Network Security Blog
Enhance your level of security.
|
Cyber Security and Network Security Blog
|
Security Governance - align security with the organization
Security Policy Templates - Security Governance
Security policies help ensure systems and data are protected from accidental or intentional actions that impact information availability,
confidentiality, or integrity. For many
organizations, creating security policies can be
time and cost prohibitive. In addition, an
organization may not have the knowledge or
experience needed. Fortunately, a better
solution exists - security policy
templates ready made to help organizations meet security and compliance requirements.
Tags: security policies | information security policy | cyber security policy | it security policy | security policy templates
Security Policies - Manage your Risks
Security policies are documents developed and implemented by an organization to manage security related risks, meet
business requirements, and comply with regulations. Security policies specify the controls and actions to be
performed (what needs to be done) and are approved by senior management to ensure they are in line with the
organization's overall level of risk tolerance. Are your security policies sufficient and effective?
Tags: security policies | information security policy | cyber security policy | it security policy | security policy templates
Start with Security Policies
Many businesses use an ad-hoc approach to securing information. Policies and procedures help organizations manage and control information
security risks.
Tags: security policies | policies and procedures | information security policy | security policy | security policy template
Top 10 IT Audit Questions and Answers
Security audits help organizations meet compliance and security requirements. Make the most of your IT audit by knowing
the top 10 IT audit questions and answers.
security audit | it audit | network security audit | security audit q&a | security audit questions and answers | security audit top 10
|
|
Security Manager - managing the security process
IT Audit - Identify and Reduce your Risks
IT audits help identify risks and ensure security controls are sufficient and effective at protecting your systems and data.
IT audits help ensure information availability - systems and data are available when needed, confidentiality - information is available only to authorized parties, and
integrity - information is accurate, complete, and safeguarded from intentional, unauthorized, or accidental modification.
Tags: it audit | security audit | it security | cyber security | network security | data security
Top 10 Network Security Audit Considerations
Network security audits help organizations
identify security risks to systems and data, meet compliance requirements, and provide peace of mind to the
organization and its customers. Find out the Top 10 network security audit considerations.
Tags: network security audit | it audit | it security audit | network security
| cyber security audit
Why the Internet of Things (IoT) is a Risk to Your Organization
Many organizations adopt Internet of Things (IoT) devices without fully recognizing privacy issues,
risks involved, security challenges, and regulatory requirements. Traditional security concepts
(e.g. vulnerability management, patch management, change management, etc.) that apply to
network infrastructures are not sufficient and need additional controls when implementing IoT devices.
Tags: internet of things | iot | internet of things risks | iot risks
How Much is your Data Worth?
Many organizations use a bottom up approach to security. They implement firewalls,
passwords, anti-virus protection, and backups. Without fully knowing the value of their data,
security systems may not be properly aligned with the needs of the organization.
Tags: data worth | align security | security controls | network security audit
The Perimeter Isn't Secure, Encrypt Your Data
Hackers and unauthorized intruders use
creative ways to by-pass security systems and gain
access to data. Even with all of the appropriate
controls in place your organization may still be at risk
of a security breach. Use encryption to protect
your data and you may also be exempted from various state and federal data
breach notification laws.
Tags: data breach | data encryption | breach notification | database encryption | data security
Penetration Testing - Do you Know the Question?
An information security penetration test (pen test) is a systematic probing of a system for
vulnerabilities. In most instances, the assessment is performed externally, from a remote location. Do
you know the answer to the most important question?
Tags: penetration testing | pen test | penetration test |external security audit
Ransomware - Hackers are Holding your Data Hostage
Ransomware can encrypt files on hard drives, lock the computer, and display messages enticing the
computer user to pay a fee. Take steps to protect your valuable data.
Tags: ransomware | cryptolocker | security audit | security assessment
Website Security and Web Application Security
If automated vulnerability scanners caught all security risks, hackers would be out of business and
security personnel wouldn't have much to do. In reality, automated vulnerability scanners are only one tool used
in the process of identifying and managing security risks.
Tags: website security | web site security | penetration test | website security audit
Security Audits - a Subscription
Security is an on-going process and leading organizations are taking a subscription approach to
security assessments. With new vulnerabilities discovered on a daily basis, a system that is secure one
day may be completely wide open the next.
Tags: network assessment | security assessment | security audit | website security audit | penetration test | pen test
Physical Security Enhances Information Security
Business executives are concerned about protecting their sensitive data and intellectual property. In addition to implementing firewalls
and anti-virus solutions, management needs to be aware of physical security threats.
Tags: risk assessment | physical security | physical security audit | physical security assessment
Security Suite or Best of Breed?
When choosing an enterprise security solution for your organization is it better to choose an
all encompassing security suite from one vendor or select the best software in each class even
if it means using a number of different vendors?
Tags: risk assessment | security software | security suite | antivirus software
Five Steps to Securing Sensitive Information
Safeguarding sensitive data helps ensure that you meet your obligation to your customers,
affiliates, and employees. Altius IT's five Simple steps you can take to secure sensitive
information.
Tags: information security | data security | network security
A SMART Guide to Managing Social Media Risks
Altius IT's SMART guide is a five step approach to managing social media risks that can lead to
information disclosure, compromise of your data, and loss of system availability.
Tags: social media security | social networking security | social networking threats | social networking risks
|
|
Organization Manager - Risk management and compliance
Security Policies - Manage your Risks
Security policies are documents developed and implemented by an organization to manage security related risks, meet
business requirements, and comply with regulations. Security policies specify the controls and actions to be
performed (what needs to be done) and are approved by senior management to ensure they are in line with the
organization's overall level of risk tolerance. Are your security policies sufficient and effective?
Tags: security policies | information security policy | cyber security policy | it security policy | security policy templates
Top 15 Mobile Device Threats
Smartphones and mobile devices may contain sensitive data such as credit card numbers, authentication information, personal data, and activity logs
(i.e. calendar events, tasks, call logs). Discover the Top 15 Mobile Device Threats that can compromise the integrity of the device, disclose personal
information, and result in unauthorized wireless charges.
Tags: mobile device | smartphone | threats | vulnerabilities
What to do if You've Been Hacked
Hackers, competitors, crime syndicates, and
nation states all want your data. It is
important to have security safeguards and
controls but what do you do if you've been
hacked?
Tags: hacked | data breach | attack | compromised
Compliance Does Not Equal Security
Many business managers assume that meeting
compliance requirements and regulations means that the organization has sufficient and effective controls in place to protect against
security breaches. Unfortunately, compliance
does not equal security.
Tags: compliance audit | data security | it audit | network security audit
Identity Theft - Protect Customer Information
Identity theft involves the unauthorized acquisition of a person's personally identifiable
information (PII). Security breaches are one of the main sources of identity theft. Take these steps to protect
sensitive information from a security breach.
Tags: identity theft | ID theft | identity fraud | data breach | cybersecurity
A Customer Centric Approach to Patching Systems
Customers demand more than features and functionality. Top down management support is needed to migrate to a customer focused
approach by addressing security vulnerabilities in a timely manner.
Tags: patch management | software patching | software as a service | security patching | customer security | client security
Risk Management in Five Easy Steps
IT risk management includes all of the activities that an organization carries out to manage
information technology related risks. For many organizations, IT risk management can be performed in
five easy steps.
Tags: risk management | risk assessment | risk treatment
Cloud Computing - Thunder and Lightning on your Horizon?
With Cloud Computing, your staff uses browsers to access software that runs outside the organization on Internet servers. Like any
technology, Cloud Computing and Software as a Service (SAAS) has its risks.
Tags: cloud computing | risk assessment | software as a service | saas
Start with Security Policies
Many businesses use an ad-hoc approach to securing information. Policies and procedures help organizations manage and control information
security risks.
Tags: security policies | policies and procedures | information security policy | security policy | security policy template
Compliance and Database Risk Management
Sarbanes-Oxley (SOX), California Senate Bill 1386, HIPAA, PCI, the Gramm-Leach-Bliley (GLB) Act, and other regulations
were enacted to help protect information. Are you restricting access to sensitive information?
Tags: network security audit | compliance audit | database audit | risk management
Mitigating Information Security Risks
IT systems are a double edge sword. Not only do they increase employee productivity and reduce costs, they also increase risks
as intellectual property and sensitive information are stored in a central location. There is more than one way to address each risk.
Tags: risk reduction | mitigate risks | risk activities | eliminate risks | risk management
Smartphone Security
Today's smartphones come with advanced features such as the ability to connect to the Internet, download applications, store pictures and
videos, use wireless connectivity, etc. While smartphones increase productivity, they also come with risks.
Tags: smartphone security | cell phone security | phone security | mobile device security
Mobile Payment Solutions and Risks
Mobile payment solutions are a quick and easy way to make retail purchases. For the service provider, imagine the benefits of being
able to track consumer buying history with their current location. While payment solutions offer convenience, they also come with risks.
Tags: mobile payment | smartphone payment | cell phone payment | electronic wallet
Social Engineering and Social Networking - Your Users are a Target
Social engineering and social networks can be used to manipulate your staff into performing actions or divulging confidential
information. Security education and awareness training help educate your users of the risks they face and the impact on the organization.
Tags: social engineering | social networking | social networks | user security training | risk assessment | social engineering assessment
Are you Managing your E-mail Risks?
E-mail is critical to the success and operation of most organizations. Without e-mail, organizations are less efficient and can’t
compete against larger, and more established firms. Are you aware of all of your e-mail risks?
Tags: risk assessment | email risks | email risk management
Are you Maximizing your Cloud Opportunities?
Cloud technology has expanded and allows almost any IT related resource to be offered as a service. By knowing the types of Cloud
environments available, you can make informed business decisions and ensure you are maximizing your use of the Cloud.
Tags: cloud environment | software as a service | saas | types of clouds | everything as a service | anything as a service
|
|
Security Engineer - Top 10 lists and technical tips
Chip Security Vulnerabilities
Chip manufacturers have disclosed vulnerabilities in their software that can lead to unauthorized disclosure of
sensitive information. The vulnerability exists in workstations, servers, cloud computing environments, and mobile devices.
Tags: chip security vulnerabilities | intel chip vulnerability | amd chip vulnerability | arm chip vulnerability
Heartbleed OpenSSL Vulnerability
On a daily basis users rely on encryption to protect their sensitive data. A vulnerability in the way encryption is
handled may result in the unauthorized disclosure of IDs, passwords, credit card data, session cookies, and
other sensitive information.
Tags: heartbleed | openssl | memory bug | encryption vulnerability
Top 10
Cybersecurity and Network Security Tips
Altius IT's Top 10 tips to securing your sensitive data and intellectual property help identify
and quantify IT related strengths and weaknesses and helps you focus on those areas that create the most
value for your firm.
Tags: top 10 security tips | hackers | network security audit | risk assessment | security assessment
Top 10 Hacker Tools and Techniques
By understanding how hackers gain access to systems, organizations can stay a step ahead and ensure information
availability, integrity, and confidentiality. Altius IT's list of the Top 10 Hacker Tools and Techniques.
Tags: Top 10 hacker tools | hacker tricks | hacker techniques
Top 10 Cloud Computing Threats
With 24x7 availability and accessible by almost any device with a browser, cloud computing allows
organizations to scale their IT infrastructure and software applications as needed. However, like any
technology, cloud computing has its risks.
Tags: cloud computing | cloud computing threats | cloud computing threats | cloud risks
Top 10 Wireless Network Risks
Many organizations are installing and implementing wireless networks. To help business managers make
informed decisions, Altius IT provides our list of the Top 10 wireless network risks.
Tags: Top 10 wireless network | wireless network risks | wireless network security
Top 10 User Wi-Fi Safeguards
Your users are your first line of defense. They need to play an active role in helping to protect
information systems. We provide the Top 10 steps uses should take when using wireless networks.
Tags: wi-fi network | wireless networks | wi-fi connectivity | mobile computing | wireless communications
Top 10 Windows Vulnerabilities
By understanding Windows based vulnerabilities, organizations can stay a step ahead and ensure information availability,
integrity, and confidentiality. Altius IT's list of the Top 10 Windows Vulnerabilities.
Tags: Top 10 Windows vulnerabilities | security audit | security assessment | network security | workstation security
|
|
Certified Auditors
|
Certified Information Systems Auditors
Unlike a security consultant,
Altius IT is board certified as a Certified
Information Systems Auditor to perform a
security audit of your environment and issue
reports and recommendations to secure your
systems. After your audit, Altius IT's
Auditor Opinion Letter and Secure Seal
let your clients and prospects know you meet
security best practice/compliance requirements.
See our In the News page
for video clips of our experts on national
television as well as over 40 publications
featuring Altius IT. In addition to our auditor
certifications, we hold many security,
technical, and project management credentials.
More information is available on our
About Us page.
Our comprehensive audit
service uncovers gaps in your existing defenses so that you can better:
- Fortify your information systems,
applications, and network infrastructure
- Comply with regulatory requirements
- Protect your valuable assets
|
|
|
|