Security Governance
Align security with the organization
A disruption in your supply chain or a security breach in one of your service providers can have a material impact on your operations and damage your organization's image and reputation. Ensure the proper controls are in place to manage your supply chain risks.
Read More
Security policies help ensure systems and data are protected from accidental or intentional actions that impact information availability, confidentiality, or integrity. For many organizations, creating security policies can be time and cost prohibitive. In addition, an organization may not have the knowledge or experience needed. Fortunately, a better solution exists - security policy templates ready made to help organizations meet security and compliance requirements.
Read More
Security policies are documents developed and implemented by an organization to manage security related risks, meet business requirements, and comply with regulations. Security policies specify the controls and actions to be performed (what needs to be done) and are approved by senior management to ensure they are in line with the organization's overall level of risk tolerance. Are your security policies sufficient and effective?
Read More
Many businesses use an ad-hoc approach to securing information. Policies and procedures help organizations manage and control information security risks.
Read More
When a security breach occurs, who owns the data and whose information has been compromised? Is it the organization’s or the customer’s information?
Read More
Security audits help organizations meet compliance and security requirements. Make the most of your IT audit by knowing the top 10 IT audit questions and answers.
Read More
Security Manager
Managing the security process
IT audits help identify risks and ensure security controls are sufficient and effective at protecting your systems and data. IT audits help ensure information availability - systems and data are available when needed, confidentiality - information is available only to authorized parties, and integrity - information is accurate, complete, and safeguarded from intentional, unauthorized, or accidental modification.
Read More
Network security audits help organizations identify security risks to systems and data, meet compliance requirements, and provide peace of mind to the organization and its customers. Find out the Top 10 network security audit considerations.
Read More
A whitelist explicitly allows e-mail messages or access to your network, web application, or other IT related assets. Find out why is it important and how it relates to security audits and penetration tests.
Read More
Many organizations adopt Internet of Things (IoT) devices without fully recognizing privacy issues, risks involved, security challenges, and regulatory requirements. Traditional security concepts (e.g. vulnerability management, patch management, change management, etc.) that apply to network infrastructures are not sufficient and need additional controls when implementing IoT devices.
Read More
Many organizations use a bottom up approach to security. They implement firewalls, passwords, anti-virus protection, and backups. Without fully knowing the value of their data, security systems may not be properly aligned with the needs of the organization.
Read More
Hackers and unauthorized intruders use creative ways to by-pass security systems and gain access to data. Even with all of the appropriate controls in place your organization may still be at risk of a security breach. Use encryption to protect your data and you may also be exempted from various state and federal data breach notification laws.
Read More
An information security penetration test (pen test) is a systematic probing of a system for vulnerabilities. In most instances, the assessment is performed externally, from a remote location. Do you know the answer to the most important question?
Read More
Ransomware can encrypt files on hard drives, lock the computer, and display messages enticing the computer user to pay a fee. Take steps to protect your valuable data.
Read More
If automated vulnerability scanners caught all security risks, hackers would be out of business and security personnel wouldn't have much to do. In reality, automated vulnerability scanners are only one tool used in the process of identifying and managing security risks.
Read More
Security is an on-going process and leading organizations are taking a subscription approach to security assessments. With new vulnerabilities discovered on a daily basis, a system that is secure one day may be completely wide open the next.
Read More
Business executives are concerned about protecting their sensitive data and intellectual property. In addition to implementing firewalls and anti-virus solutions, management needs to be aware of physical security threats.
Read More
When choosing an enterprise security solution for your organization is it better to choose an all encompassing security suite from one vendor or select the best software in each class even if it means using a number of different vendors?
Read More
Safeguarding sensitive data helps ensure that you meet your obligation to your customers, affiliates, and employees. Altius IT's five Simple steps you can take to secure sensitive information.
Read More
Altius IT's SMART guide is a five step approach to managing social media risks that can lead to information disclosure, compromise of your data, and loss of system availability.
Read More
Organization Manager
Risk management and compliance
Security policies are documents developed and implemented by an organization to manage security related risks, meet business requirements, and comply with regulations. Security policies specify the controls and actions to be performed (what needs to be done) and are approved by senior management to ensure they are in line with the organization's overall level of risk tolerance. Are your security policies sufficient and effective?
Read More
Smartphones and mobile devices may contain sensitive data such as credit card numbers, authentication information, personal data, and activity logs (i.e. calendar events, tasks, call logs). Discover the Top 15 Mobile Device Threats that can compromise the integrity of the device, disclose personal information, and result in unauthorized wireless charges.
Read More
Hackers, competitors, crime syndicates, and nation states all want your data. It is important to have security safeguards and controls but what do you do if you've been hacked?
Read More
Many business managers assume that meeting compliance requirements and regulations means that the organization has sufficient and effective controls in place to protect against security breaches. Unfortunately, compliance does not equal security.
Read More
Identity theft involves the unauthorized acquisition of a person's personally identifiable information (PII). Security breaches are one of the main sources of identity theft. Take these steps to protect sensitive information from a security breach.
Read More
Customers demand more than features and functionality. Top down management support is needed to migrate to a customer focused approach by addressing security vulnerabilities in a timely manner.
Read More
IT risk management includes all of the activities that an organization carries out to manage information technology related risks. For many organizations, IT risk management can be performed in five easy steps.
Read More
With Cloud Computing, your staff uses browsers to access software that runs outside the organization on Internet servers. Like any technology, Cloud Computing and Software as a Service (SAAS) has its risks.
Read More
Many businesses use an ad-hoc approach to securing information. Policies and procedures help organizations manage and control information security risks.
Read More
Sarbanes-Oxley (SOX), California Senate Bill 1386, HIPAA, PCI, the Gramm-Leach-Bliley (GLB) Act, and other regulations were enacted to help protect information. Are you restricting access to sensitive information?
Read More
IT systems are a double edge sword. Not only do they increase employee productivity and reduce costs, they also increase risks as intellectual property and sensitive information are stored in a central location. There is more than one way to address each risk.
Read More
Today's smartphones come with advanced features such as the ability to connect to the Internet, download applications, store pictures and videos, use wireless connectivity, etc. While smartphones increase productivity, they also come with risks.
Read More
Mobile payment solutions are a quick and easy way to make retail purchases. For the service provider, imagine the benefits of being able to track consumer buying history with their current location. While payment solutions offer convenience, they also come with risks.
Read More
Social engineering and social networks can be used to manipulate your staff into performing actions or divulging confidential information. Security education and awareness training help educate your users of the risks they face and the impact on the organization.
Read More
E-mail is critical to the success and operation of most organizations. Without e-mail, organizations are less efficient and can’t compete against larger, and more established firms. Are you aware of all of your e-mail risks?
Read More
Cloud technology has expanded and allows almost any IT related resource to be offered as a service. By knowing the types of Cloud environments available, you can make informed business decisions and ensure you are maximizing your use of the Cloud.
Read More
Security Engineer
Top 10 lists and technical tips
Chip manufacturers have disclosed vulnerabilities in their software that can lead to unauthorized disclosure of sensitive information. The vulnerability exists in workstations, servers, cloud computing environments, and mobile devices.
Read More
On a daily basis users rely on encryption to protect their sensitive data. A vulnerability in the way encryption is handled may result in the unauthorized disclosure of IDs, passwords, credit card data, session cookies, and other sensitive information.
Read More
Altius IT's Top 10 tips to securing your sensitive data and intellectual property help identify and quantify IT related strengths and weaknesses and helps you focus on those areas that create the most value for your firm.
Read More
By understanding how hackers gain access to systems, organizations can stay a step ahead and ensure information availability, integrity, and confidentiality. Altius IT's list of the Top 10 Hacker Tools and Techniques.
Read More
With 24x7 availability and accessible by almost any device with a browser, cloud computing allows organizations to scale their IT infrastructure and software applications as needed. However, like any technology, cloud computing has its risks.
Read More
Many organizations are installing and implementing wireless networks. To help business managers make informed decisions, Altius IT provides our list of the Top 10 wireless network risks.
Read More
Your users are your first line of defense. They need to play an active role in helping to protect information systems. We provide the Top 10 steps uses should take when using wireless networks.
Read More
By understanding Windows based vulnerabilities, organizations can stay a step ahead and ensure information availability, integrity, and confidentiality. Altius IT's list of the Top 10 Windows Vulnerabilities.
Read More
If You Want a "Security Audit" 
