.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Phishing Examples: Even the Security Folks Get Targeted
by Geoff Yeagley on March 4, 2016 at 10:00 AM
We all hear about phishing emails. All the time. In fact, there is a never ending dialogue about phishing emails in the news, the most recent one being the IRS emailing to say that you owe them money and they are going to arrest you if you don't pay immediately. As a side note, this i …
Social Engineering - Mitigating Your Risk
by Geoff Yeagley on January 12, 2016 at 11:41 AM
As we look into 2016 and what trends are going to take place this year in the world of Information Security, there is one thing that we can predict with significant confidence: Employees will remain the biggest threat to your Information Security Program and ultimately the safety of t …
IT Security vs. Regulatory Compliance: Which One Came First?
by Geoff Yeagley on October 1, 2015 at 2:03 PM
Security or Compliance. Which one should we focus on? On the surface, this almost sounds like the question of which came first, the chicken or the egg. But if we dig deeper, we start to see that while they are similar and have similar goals, they can be very different in how they are …
Security Awareness Training is No Joke!
by Derek Boczenowski on June 23, 2015 at 9:51 AM
Without a doubt, almost every type of IT audit contains a section on security awareness training. And in many companies, it is a weakness that can be exploited easier than trying to hack a firewall or compromise a server. In many cases, it can be as easy as sending an email or making …
Security Awareness Training: The First Line of Defense
by Adam Cravedi on June 3, 2015 at 10:29 AM
Compass IT security auditors are often asked if there is a single “most important” factor involved in safeguarding a business’s data assets.