.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Secure Programming: An Afterthought.
by George Seerden on February 13, 2019 at 1:00 PM
I’ve been a professional programmer for nearly 16 years. I didn’t learn to program in college, the military taught me. It wasn’t until my seventh year that the security of the applications I was working on was taken seriously. That is seven years of code that was more than likely vuln …
New PCI Software Security Framework Published
by Patrick Hughes on February 9, 2019 at 1:00 PM
The PCI Security Standards Council published its new Software Security framework on Wednesday January 16th, 2019. The council has stated that the existing standards will be officially retired in 2022.
Updates to MA 201 CMR 17 Data Breach Law
by Derek Boczenowski on February 1, 2019 at 1:00 PM
The Laws, they are a’ changin’… …to paraphrase Bob Dylan. And I’m speaking about privacy and breach laws. It would seem that every other day we hear of another set of customer data being compromised at another company. It could be just name and address, but it could be phone number, S …
FINRA 2019 Priorities Letter Released
by CJ Hurd on January 30, 2019 at 10:54 AM
In this blog we’ll be discussing the release of the Financial Industry Regulatory Authority’s (FINRA) 2019 Risk Monitoring and Examination Priorities Letter. The letter, released on January 22nd, 2019, highlights new priorities and identifies ongoing areas of concern for the coming ye …
Emotet Malware Warning From MS-ISAC
by Austin Wolfson on January 23, 2019 at 2:14 PM
In this blog we’ll be discussing the Emotet malware program, particularly regarding the most recent and ongoing malspam campaign using the Multi-State Information Sharing and Analysis Center (MS-ISAC), and State, Local, Tribal, and Territorial (SLTT) branding.
Introduction to Business Continuity Planning
by CJ Hurd on January 7, 2019 at 11:47 AM
This is part 1 of a 4-part series as we discuss Business Continuity Planning (BCP). We will take you through conducting a Business Impact Analysis, Plan Implementation, and BCP Testing in the coming months as part of this series.