Why Your Information Security Program Must Evolve...NOW!
by Geoff Yeagley on April 12, 2017 at 10:39 AM
Note: For the purposes of this blog post, we are going to be looking at breach data for the United States only in 2016. 2016 was a record year when it comes to data breaches, according to the Identity Theft Resource Center. According to the center, there were a total of 1,093 breaches …
What is Social Engineering? Part III
by Derek Morris on April 11, 2017 at 10:00 AM
What is Social Engineering? In this blog, I would like to shed some light on some other types of social engineering and provide some context on how to protect your business and self. In my first two blogs, I jumped into the Phishing and Spear Phishing pieces of a social engineering at …
What is PCI Compliance?
by Kyle Daun on April 6, 2017 at 10:00 AM
What is PCI Compliance? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that regardless of size or number of transactions, any business that accepts, processes, stores or transmits credit card information maintains a secure …
What is Social Engineering? The Phishing Email
by Derek Morris on April 4, 2017 at 9:30 AM
What is Social Engineering? Part 2. The seemingly most common way for an attacker to use social engineering to gain entry, exfiltrate information or disrupt business is through email phishing. As I mentioned in the previous blog, slick tactics like using nicknames and shockingly proper …
PCI Compliance Requirements: Some Tools to Help With Requirement 10!
by Derek Morris on March 29, 2017 at 10:00 AM
PCI Requirement 10 states: Track and monitor all access to network resources and cardholder data. Logging mechanisms and the ability to track user activities are critical in preventing, detecting and minimizing the impact of a data compromise. The presence of logs in all environments a …
HIPAA Compliance: 5 HIPAA Mistakes to Avoid!
by Derek Boczenowski on March 28, 2017 at 9:30 AM
Here at Compass, we have seen a huge upswing in the number of HIPAA / HITECH risk assessments we have been conducting over the last year. Covered entities (Doctors, Hospitals, Pharmacies) and health plans are obviously storing PHI (protected health information) and ePHI (electronic pr …