Compass IT Compliance Blog

Making Sense of Data Management

Data Management

Organizations face a prevalence of both internal and external cyber threats. This makes data management one of the most critical components in an organization’s cybersecurity program. From classifying data, to ensuring it is handled with the appropriate security precautions, to ensuri …

Read Story

It Is Always Scam Season!

Scam Season

With the holiday season now behind us, we here in the northeast are fully entrenched in winter and I find myself looking forward already to the warm weather that comes with spring and summer. As these seasons come and go, we have learned that scam season is always here, and it is not …

Read Story

Building a Privacy Culture This Data Privacy Week

Data Privacy

In 2022, data privacy became a hot topic as consumers became more aware of how their data was being tracked and used by companies. This was partly due to the efforts of companies like Apple to educate consumers about their privacy rights.

Read Story

Flight Troubles & Business Continuity Planning

Flight Cancellations

This morning, the Federal Aviation Administration’s (FAA) system for alerting pilots and airports of real-time hazards, called NOTAM (Notice to Air Missions), went offline around 3:28AM EST. While flights have slowly resumed to normalcy, this recent event is a further example of a bre …

Read Story

What Does It Mean to Be CJIS Compliant?

CJIS Compliance

If your organization is involved with government entities and operations, chances are you have heard of Criminal Justice Information Services (CJIS) compliance. The term is commonly used in law enforcement but can also apply to civil entities.

Read Story

OWASP Top 10: Why Compliance to OWASP Matters

OWASP Top 10: Why Compliance to OWASP Matters

During a recent web application penetration test, my Compass IT Compliance colleague Jesse Roberts was quickly able to identify and exploit a coding vulnerability on a client’s public facing web portal. As part of the engagement, Jesse was initially granted “standard user” access to t …

Read Story

Subscribe by email