.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
The Dangers of a Written Information Security Program (WISP)
by Joel Goloskie on February 22, 2018 at 10:30 AM
This is a guest post that was written by Joel Goloskie, Esq. Joel is Senior Counsel with Pannone, Lopes, Devereaux, & O'Gara in Boston. Joel is a member of the firms Healthcare, Litigation, and Corporate & Business Teams. Joel advises and assists his clients on the various int …
How To Prevent Phishing? More Like How To Train Your (Dragon) End-User
by Ron Scarborough on February 12, 2018 at 9:25 AM
The most dangerous threat to your company’s information isn’t as the movies would lead you to believe. The hacker in a warehouse surrounded with monitors, expounding upon government conspiracies isn’t knocking at your door. The biggest threat is in your building right now and is about …
Why Every Company Needs an Information Security Officer
by Derek Boczenowski on February 7, 2018 at 10:00 AM
In today's world, businesses of all sizes depend heavily on digital systems and data. While this digital transformation brings many benefits, it also exposes companies to a growing number of cyber threats. Data breaches, ransomware attacks, and other types of cybercrime have become al …
PCI Requirements Explained - PCI Requirement 2 - Change Your Defaults!
by Derek Morris on February 6, 2018 at 9:30 AM
This is the second blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. Click here for our blog post on requirement 1. I like to refer to this requirement as the Change Your Defaults requirement. The focus is on …
SOC 2 Reports - Ready, Set, Go!
by Derek Morris on February 2, 2018 at 1:15 PM
I need to complete a SOC 2 report on my controls; “Where do I start??” Aside from the easy answer of, contact Compass IT Compliance and we can help you get started, I would like to cover some tips on what to know and how to get started towards completing a SOC 2 report.
Urgent Cisco Vulnerability Identified - What You Need To Know!
by Josh McDonald on January 31, 2018 at 12:21 PM
We know security is important to you and it has come to our attention there is a vulnerability affecting the Cisco ASA operating system, specifically the SSL VPN (CVE-2018-0101). The vulnerability allows an attacker to take remote control of the system and is very high risk. This vuln …