Compass IT Compliance Blog

Response Operations: BCP, IRP, and DRP - Why You Need all Three

No well-managed organization is immune to the risk of the potential business interruptions that may occur from time to time, whether caused by acts of nature, malicious attack, or simple human error. Depending on the severity of the interruption and the organizational assets and busin …

The Cyber Rabbit Hole: Computer Forensics

This blog is for anyone daring and brave enough to follow the rabbit hole into the realm of computer forensics where there lies the truth. The main objective for an analyst is to be able to dig up the digital past with no judgement of the outcome. There must be a legitimate need to co …

Secure Programming: An Afterthought.

I’ve been a professional programmer for nearly 16 years. I didn’t learn to program in college, the military taught me. It wasn’t until my seventh year that the security of the applications I was working on was taken seriously. That is seven years of code that was more than likely vuln …

New PCI Software Security Framework Published

The PCI Security Standards Council published its new Software Security Framework on Wednesday, January 16th, 2019. The council has stated that the existing standards will be officially retired in 2022.

Updates to MA 201 CMR 17 Data Breach Law

The Laws, they are a’ changin’… …to paraphrase Bob Dylan. And I’m speaking about privacy and breach laws. It would seem that every other day we hear of another set of customer data being compromised at another company. It could be just name and address, but it could be phone number, S …
