.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
IT Security Policies and Procedures: Why You Need Them
by Geoff Yeagley on September 10, 2015 at 10:54 AM
Policies and Procedures are two of the words that most employees dread to hear, especially when it comes to IT Security. Why does this phenomenon occur? Is it because people don’t want to be told what to do? Is it because people feel as though they are being “micromanaged” when they h …
Top PCI Compliance Myths Debunked
by Geoff Yeagley on September 1, 2015 at 10:00 AM
PCI Compliance is an industry regulation that we hear about all the time, yet there remains a significant amount of confusion around what is required, who needs to be compliant, and how to go about becoming PCI compliant. Couple this with the fact that regulations change frequently an …
Healthcare Breaches and the HIPAA Risk Assessment
by Geoff Yeagley on August 4, 2015 at 11:50 AM
Healthcare attacks are on the rise, there is no doubt about that trend. In 2013 and 2014, credit card breaches are all everyone was talking about. While those still garner headlines today, healthcare breaches have taken over as the top news stories. In some of the largest breaches rep …
Where to Start with PCI Compliance: The PCI Compliance Checklist
by TJ Quirk on July 23, 2015 at 2:14 PM
Navigating the complexities of PCI Compliance can be challenging and time consuming, especially if it is your first time going through the process. What do you need to do to become PCI compliant and what is your plan for getting started? These are questions that are often asked that c …
What is a PCI ROC?
by TJ Quirk on July 21, 2015 at 9:32 AM
Often times we hear terms that are thrown around like PCI Risk Assessment and PCI Report on Compliance (ROC). Are you often struggling to understand the difference between these requirements and if / when you’re required to complete them? The good news is that you’re not alone and hop …
Security Awareness Training is No Joke!
by Derek Boczenowski on June 23, 2015 at 9:51 AM
Without a doubt, almost every type of IT audit contains a section on security awareness training. And in many companies, it is a weakness that can be exploited easier than trying to hack a firewall or compromise a server. In many cases, it can be as easy as sending an email or making …