Derek Morris

Derek Morris is an experienced Senior Information Technology Security Professional with Compass IT Compliance. Derek carries over 25 years of experience in information technology, security, and infrastructure. He holds numerous industry and vendor certifications including CISSP, CISM, CISA, CDPSE, CCNA, and MCSA along with a Bachelor's Degree in Computer Information Systems from Bryant University. Derek also currently serves as one of the Qualified Security Assessors (QSA) for PCI DSS at Compass.

Posts by Derek Morris

PCI Requirement 4 – Hide in Plain Sight

This is the fourth blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. To read previous posts in this series, click on the links below: PCI DSS Requirement 1 PCI DSS Requirement 2 PCI DSS Requirement 3 Requirem …

PCI Requirement 3 - Don't Store Cardholder Data!!

This is the third blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through the process of becoming or maintaining compliance with the PCI Data Security Standards. Click here for our blog posts on requirement 1 and requirement 2. …

PCI Requirements Explained - PCI Requirement 2 - Change Your Defaults!

This is the second blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. Click here for our blog post on requirement 1. I like to refer to this requirement as the Change Your Defaults requirement. The focus is on …

SOC 2 Reports - Ready, Set, Go!

I need to complete a SOC 2 report on my controls; “Where do I start??” Aside from the easy answer of, contact Compass IT Compliance and we can help you get started, I would like to cover some tips on what to know and how to get started towards completing a SOC 2 report.

PCI Requirements Explained - PCI Requirement 1 - Defending the Wall

This will be the first blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through the process of becoming compliant with the PCI Data Security Standard.

What is Social Engineering? Part III

What is Social Engineering? In this blog, I would like to shed some light on some other types of social engineering and provide some context on how to protect your business and self. In my first two blogs, I jumped into the Phishing and Spear Phishing pieces of a social engineering at …
