You wouldn’t leave the house without making sure your doors and windows were locked, and that any valuables were hidden or secured in a safe. That way, if you were robbed, the burglar would have a difficult time accessing your most precious assets. In the same way, you need to make sure your organization’s critical data is well protected.
Posts by Category:
- SOC 2
- Privileged Access Management
- Identity and Access Management
- Zero Trust
- ISO 27001
- Role-Based Access Control
- Secure Access Service Edge
Should you host data on-premise or in the cloud? Who is responsible for security? The company who owns the data, the cloud provider, or both?
It's easy to focus on cybersecurity threats like social engineering and phishing. However, internal threats, such as human error and disgruntled employees, can be just as dangerous - and are often overlooked. A mature onboarding and termination policy that leverages least privilege access is essential to preventing a data breach.
Take a deep breath - you’ve got this. Once your blood pressure is back to a reasonable level, start by looking at the RFI itself and ask yourself some questions.
It’s important to keep your Information Security Policy high level. Here are some key points your information security policy should include.
This episode Justin McCarthy has an in-depth chat with Troy Hunt, a respected web security expert, Pluralsite author, and creator of 'Have I Been Pwned?' They talk about all things password related including password reuse, biometrics, and the way security has changed over time.
The cyber risk management policy answers this question: “What is our risk management philosophy and methodology based on our landscape?”
Justin McCarthy has an in-depth chat with Harry Sverdlove, Co-founder and CTO at Edgewise Networks. They talk about how network security is going through an evolution and is ripe for change right now, as well as a pragmatic look at the past, present and future of firewalls and their cousins.
Your SOC 2 confidentiality policy defines procedures to handle confidential information about clients, partners, and the company. Clients and partners expect you to keep their data secure and a confidentiality policy will demand this same expectation of your employees.Here are best practices to consider when writing your confidentiality policy
This episode we sit down with Will Charczuk, Engineering Group Lead at Blend. Will oversees the service management, runtime & alerting, and operations sub-teams. The crew talks in-depth about rapid deployment in a highly secure environment.
There are several different levels of SOC (Service Organization Control) reports and types, so it is easy to get them confused. This post will focus on outlining the path to SOC 2 Type 2.
Listen to this episode here! About This Episode strongDM Co-Founder and CTO Justin McCarthy has a quick chat with Risky Business' host Patrick to discuss strongDM, which makes a protocol proxy that you can use to provision production services (like Kubernetes and SQL access) to users without them ...
This episode we sit down with Peter Tormey, Head of Infrastructure at SoFi. The crew talks PII, security and what it takes to maintain privacy at-scale for the new model of finance. Peter leads the team that manages and develops a HA Postgres infrastructure using CoreOS utilizing K8s to orchestrate over 100 microservice databases.
Listen to this episode here! About This Episode strongDM Co-Founder and CTO Justin McCarthy sits down with Risky Business podcast host Patrick to discuss the strongDM technology, working from home in the current conditions, and making sure that companies have access controls in place while ...