.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Why Your Staff Needs Security Awareness Training Now!
by Geoff Yeagley on August 24, 2016 at 11:15 AM
We have all been there. We are sitting at our desks, doing our work and the email pops up. Usually from our IT Department or our boss, the email tells us that we need to complete our annual Security Awareness Training within the next 2 weeks. What's the first thought that goes through …
What is Phishing? Attack Techniques & Examples
by Geoff Yeagley on August 17, 2016 at 9:38 AM
Ransomware has dominated the news recently when it comes to IT Security. In fact, it was recently reported that 1 out of 5 companies that suffers a Ransomware attack ends up going out of business at least temporarily and 30% of affected companies lost revenue. Now we turn to the quest …
SSAE 16 SOC 2 Report: The 5 Trust Principles
by Geoff Yeagley on July 20, 2016 at 10:00 AM
Over the past several weeks, we have been digging in to the SSAE 16 SOC 2 reports. We have looked at what a SOC 2 report is, the differences between a Type I and Type II report, and why the Section III is so important. This week we are going to look at what are called the 5 Trust Serv …
AT 101 SOC 2 Report: What is a Section III?
by Geoff Yeagley on July 13, 2016 at 10:10 AM
In the last couple of posts, we talked about how an AT 101 SOC 2 report differs from a SOC 1 and SOC 3 report and also what the differences are between a SOC 2 Type I and Type II report. In this post, we are going to continue dissecting the different terminology and components of the …
3 Reasons Why You Need a HIPAA Risk Assessment Right Now
by Geoff Yeagley on June 16, 2016 at 10:31 AM
HIPAA is in the news all the time. Whether it is the tragedy that struck Orlando last weekend, the news of the HIPAA Audits coming, or a new healthcare breach being reported, we are constantly bombarded with why HIPAA compliance is critical. As with any organization, protecting and sa …
Critical Security Control 19: The Incident Response Plan
by Geoff Yeagley on May 17, 2016 at 12:16 PM
In the world of Information Security, we have all heard of the Center for Internet Security Top 20 Critical Security Controls (CSC's) which is formerly known as the SANS Top 20. This is a list of the 20 IT Security Controls that an organization can implement to strengthen their IT Sec …