fbpx

Blog

The 5 W’s of Data Classification

There are several routes to Regulatory Compliance, but the journey has to include Data Classification. At the heart of becoming compliant, is an effective Data Security Strategy – which in the perfect world would keep our information assets safe from unauthorized access (aka Hackers and Data Thieves). Regardless of the compliance requirement: HIPAA, ITAR, EAR, PCI,…

read more

Cyber Insurance – Why Insuring Your IT Infrastructure is a Must

Target…Neiman Marcus….Home Depot….and now Chase, Cyber Breaches are now a mainstay of Corporate America and will be for a long time to come. Although the first few IT Security breaches had caused uproar in the media and panic within the general public, it seems that as of now, these breaches are commonplace and even expected…

read more

EAR Compliance and Data Classification Pt. II; Categorization

Equally important as classifying EAR Sensitive data, is categorizing it. Once data is deemed as sensitive or non-sensitive, an organization must apply a set of categories that will differentiate data based on confidentiality and authorization. While it’s understood that an inherent rule of EAR compliance demands that EAR Sensitive data not be seen by non-US…

read more

EAR Compliance and “Technical Data” Explained

Although EAR Compliance has been around for quite some time now, IT security has just begun to become a major tenant it’s requirements. One of the most important components to understand, in respect to EAR Compliance, is what exactly classifies as EAR regulated items or “Deemed Exports”. The definitions have always been a tad difficult…

read more

EAR Compliance and Data Classification

Export Administration Regulations (EAR) is a set of US Government regulations that deals with the export and temporary import of items designed for commercial use, which could have military application (Dual Use). The sensitive information in an EAR context is usually defined as “Technical Data” which includes; articles, technology, software, and other information necessary for…

read more

Data Security Best Practices for EAR Compliance

 Data Security Best Practices for EAR Compliance EAR Compliance is very similar to ITAR Compliance. However, while ITAR covers military items or defense related technical data, EAR Regulates items designed for commercial purpose which could have military applications such as computers or software (Dual Use). Logically, this includes technical data as well as other information…

read more

The Benefits Full Disk Encryption

Why use disk encryption to encrypt laptops and desktops? Well, why not? There is much talk about security in the cloud and protecting data in transit. But what about data at rest? What would happen if your laptop was lost or stolen? Consider the information we keep on our hard drives: passwords, cached cloud storage,…

read more

Centralized IT Security Management through a “Single Pane of Glass”

For years I have heard the term, “single pane of glass” repeated by software vendors time and time again, and many times I thought the term overused to a point that it became just another marketing term to throw around.  Recently though I was at a client meeting with a well- known security vendor where…

read more

Multi Factor Authentication

Multi Factor Authentication is here and has been a part of our everyday life for a few years now. Everyday examples include: Your ATM Card + Pin to withdraw money from the ATM machine; if you have a safe deposit box, you’ll need two keys to open it; some web pages ask you to enter…

read more

AB 1149 Aurora Releases “Compliance Data Security” White Paper

Aurora has just released a new white paper documenting the Best Practices for Data Security in regard to AB 1149 Compliance. AB 1149 is a new bill which requires notification of data breaches for local and county government agencies. With the goal of Identity Theft prevention, AB 1149 mandates that local and country government agencies…

read more