.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
IT Security vs. Regulatory Compliance: Which One Came First?
by Geoff Yeagley on October 1, 2015 at 2:03 PM
Security or Compliance. Which one should we focus on? On the surface, this almost sounds like the question of which came first, the chicken or the egg. But if we dig deeper, we start to see that while they are similar and have similar goals, they can be very different in how they are …
IT Risk Assessments: Why Don't Companies Conduct Them?
by Geoff Yeagley on September 23, 2015 at 9:58 AM
Data breaches are everywhere! Every time you read the news online or watch the news, there is some form of Cybersecurity problem that has taken place somewhere in the world. Whether it is a credit card data breach or a healthcare data breach, there is no doubt that the security of our …
Difference Between Vulnerability Scanning & Penetration Testing
by Kyle Daun on September 17, 2015 at 9:39 AM
As an IT Security Auditor with Compass IT Compliance over the past few years, I have had the privilege of engaging with a diverse range of individuals, from Boston to Los Angeles, and many places in between. A question that comes up frequently is about the distinction between vulnerab …
IT Security Policies and Procedures: Why You Need Them
by Geoff Yeagley on September 10, 2015 at 10:54 AM
Policies and Procedures are two of the words that most employees dread to hear, especially when it comes to IT Security. Why does this phenomenon occur? Is it because people don’t want to be told what to do? Is it because people feel as though they are being “micromanaged” when they h …
Top PCI Compliance Myths Debunked
by Geoff Yeagley on September 1, 2015 at 10:00 AM
PCI Compliance is an industry regulation that we hear about all the time, yet there remains a significant amount of confusion around what is required, who needs to be compliant, and how to go about becoming PCI compliant. Couple this with the fact that regulations change frequently an …
Healthcare Breaches and the HIPAA Risk Assessment
by Geoff Yeagley on August 4, 2015 at 11:50 AM
Healthcare attacks are on the rise, there is no doubt about that trend. In 2013 and 2014, credit card breaches are all everyone was talking about. While those still garner headlines today, healthcare breaches have taken over as the top news stories. In some of the largest breaches rep …