.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Not Using Multifactor Authentication? Your Days Are Limited!
by Derek Boczenowski on February 22, 2023 at 2:30 PM
Despite the fact the multifactor authentication (MFA) has been around for decades at this point, the majority of both business and personal logins only use it when absolutely necessary. The complaints are well known; it takes too long to login, if I forget my phone or token I can’t lo …
Making Sense of Data Management
by Jeffrey Torrance on February 9, 2023 at 2:45 PM
Organizations face a prevalence of both internal and external cyber threats. This makes data management one of the most critical components in an organization’s cybersecurity program. From classifying data, to ensuring it is handled with the appropriate security precautions, to ensuri …
OWASP Top 10: Why Compliance to OWASP Matters
by Jake Dwares on November 10, 2022 at 1:00 PM
During a recent web application penetration test, my Compass IT Compliance colleague Jesse Roberts was quickly able to identify and exploit a coding vulnerability on a client’s public facing web portal. As part of the engagement, Jesse was initially granted “standard user” access to t …
Only YOU Can Prevent Cyberattacks This October (And Beyond)
by Brian Kelly on October 13, 2022 at 4:30 PM
Some of you may be old enough to remember Smokey the Bear. Created in 1944, the Smokey Bear Wildfire Prevention campaign is the longest-running public service advertising campaign in U.S. history. In 1947, Smokey’s slogan became "Remember... Only YOU Can Prevent Forest Fires".
MSP Breaches Opening the Door to Further Attacks on Clients
by Jake Dwares on August 10, 2022 at 1:00 PM
Is your Managed Service Provider (MSP) protecting yours and your client’s data? Are you regularly assessing your MSP and the rest of your vendors? It is no secret that hackers have gained access to more and larger companies over the past few years, but a new malicious tactic is coming …
Access Control to Combat Domestic and Global Threats
by Bryan Borrayo on August 4, 2022 at 1:00 PM
By now, most cybersecurity professionals have heard of the term access control. Access control is a method of guaranteeing that users are who they say they are and that they have the appropriate access to company data. Access control is comprised of two main components: authentication …