.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Data Classification - Understanding the Basics
by Ron Scarborough on May 14, 2018 at 10:00 AM
In the ever-expanding world of PCI DSS, and the emerging GDPR world, data classification is a concern that is often left unattended. Organizations who work with Compass IT often find the value in tagging data that together we deem valuable if manipulated, stolen or destroyed. Organiza …
The NIST Cybersecurity Framework Functions - Protect
by Kyle Daun on April 30, 2018 at 1:34 PM
As promised in last month’s blog about the NIST Cybersecurity Framework Identify function, this month we are discussing the Protect function. After an organization has addressed the five categories within the Identify function (Asset Management (ID.AM), Business Environment (ID.BE), G …
New Version of the Critical Security Controls Released
by Geoff Yeagley on April 25, 2018 at 10:00 AM
Last month, the Center for Internet Security (CIS) released version 7.0 of the Top 20 Critical Security Controls. This represents a significant revision from the previous version (6.1) and introduces some interesting changes. Before we dig into the changes to the controls, if you are …
Why a Risk Assessment is the Beginning of Security, Not the End!
by Derek Boczenowski on April 10, 2018 at 9:30 AM
In the past several weeks, the news has been filled with multiple compromises and hacks. Panera Bread, Delta, and Under Armor just to name a few. One of the ones that has had the most impact is the ransomware attack on the City of Atlanta.
PCI Documentation - Man's Best Friend!
by Ron Scarborough on March 28, 2018 at 10:00 AM
Nobody told you when you were tinkering with a computer as a kid that when you grew up you would be doing so much documentation, did they? Now you have an email from an auditor asking for evidence that you have documented your firewall and router configurations. In the rapidly develop …
Online Banking for Businesses – How to protect yourself
by Derek Boczenowski on March 27, 2018 at 9:15 AM
One of the biggest areas that we see attacks on is the business online banking customer. There has been a marked increase in trying to compromise these accounts, primarily to abscond with the funds within the accounts, but also to execute identity theft as well. Many of these attacks …