.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Stop Running from Privacy! Use the NIST Privacy Framework
by Jerry Hughes on February 19, 2020 at 1:00 PM
Take a look at your recent SOC 2 Type ll Service Organization Audit, where there are five Trust Service Criteria (Security, Confidentiality, Processing Integrity, Availability, and Privacy). How about your last Health Insurance Portability and Accountability Act (HIPPA) Audit, where t …
The Coronavirus – Be Prepared!
by Jerry Hughes on February 13, 2020 at 1:30 PM
The Centers for Disease Control and Prevention (CDC) is closely monitoring an outbreak of respiratory illness caused by the Coronavirus. This new virus was first identified in Wuhan, Hubei Province, China. Chinese authorities identified the new coronavirus, which has resulted in thous …
Microsoft Office Add-ins, Reason for Concern?
by Adam Cravedi on February 12, 2020 at 1:00 PM
This question came into Compass IT Compliance from a client the other day: “How risky are 3rd party plugins? Should I be concerned about them?”. I had to stop and think about this for a while. In my years of working on vulnerability and penetration testing projects for Compass IT Comp …
Reduce Business Risk with Digital Forensic Preparedness
by Danielle Corsa on February 5, 2020 at 1:00 PM
By taking a multifaceted approach to digital forensic preparedness, you can confidently conduct business in a state of perpetual incident readiness. Blend physical, technical, and administrative operations to prepare for the potential need for digital evidence. Continual collection an …
Vendor Risk Management: Information Security Responsibilities
by Andrew Paull on January 29, 2020 at 3:30 PM
Welcome back! This article serves as part two in my Vendor Risk Management blog series, continuing the discussion on some important factors of creating and renewing third-party contracts.
“Fake It ‘Til You Make It” Doesn't Work in Cybersecurity
by CJ Hurd on January 23, 2020 at 1:00 PM
“Fake it ‘til you make it” – a term that I have heard a thousand times and have probably used before and never thought much of it. That’s until I heard my 14-year-old say it. Let me give you a little context – my son is a freshman in high school and has been in six different schools s …