.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Difference Between Vulnerability Scanning & Penetration Testing
by Kyle Daun on September 17, 2015 at 9:39 AM
As an IT Security Auditor with Compass IT Compliance over the past few years, I have had the privilege of engaging with a diverse range of individuals, from Boston to Los Angeles, and many places in between. A question that comes up frequently is about the distinction between vulnerab …
IT Security Policies and Procedures: Why You Need Them
by Geoff Yeagley on September 10, 2015 at 10:54 AM
Policies and Procedures are two of the words that most employees dread to hear, especially when it comes to IT Security. Why does this phenomenon occur? Is it because people don’t want to be told what to do? Is it because people feel as though they are being “micromanaged” when they h …
Top PCI Compliance Myths Debunked
by Geoff Yeagley on September 1, 2015 at 10:00 AM
PCI Compliance is an industry regulation that we hear about all the time, yet there remains a significant amount of confusion around what is required, who needs to be compliant, and how to go about becoming PCI compliant. Couple this with the fact that regulations change frequently an …
Healthcare Breaches and the HIPAA Risk Assessment
by Geoff Yeagley on August 4, 2015 at 11:50 AM
Healthcare attacks are on the rise, there is no doubt about that trend. In 2013 and 2014, credit card breaches are all everyone was talking about. While those still garner headlines today, healthcare breaches have taken over as the top news stories. In some of the largest breaches rep …
Where to Start with PCI Compliance: The PCI Compliance Checklist
by TJ Quirk on July 23, 2015 at 2:14 PM
Navigating the complexities of PCI Compliance can be challenging and time consuming, especially if it is your first time going through the process. What do you need to do to become PCI compliant and what is your plan for getting started? These are questions that are often asked that c …
What is a PCI ROC?
by TJ Quirk on July 21, 2015 at 9:32 AM
Often times we hear terms that are thrown around like PCI Risk Assessment and PCI Report on Compliance (ROC). Are you often struggling to understand the difference between these requirements and if / when you’re required to complete them? The good news is that you’re not alone and hop …