Have you noticed consumer and business sites including mobile applications requiring multiple steps to verify who you are? Perhaps you’ve set-up a multi-step verification method to access your bank or Google email account? This security measure is growing in popularity as most data breaches today begin with a set of compromised credentials. From financial institutions to online stores to social media sites, many businesses are now requiring multiple factors of verification to ensure a user is who they say they are, reducing the chances of a cybercriminal successfully gaining access to their networks.
Today, your applications and files are no longer all contained within your four walls. With staff accessing your company's data and apps from multiple locations and on multiple devices, you need to know who is knocking at the door before you let them in. Your business might require complex passwords, but in reality, your staff is most likely using the same passwords across personal and business accounts, and the cybercriminals know it.
In 2018, there was 49.8 million tons of e-waste generated worldwide. The US contributed a staggering 10 million tons of this waste, and our share is growing. As environmental and health concerns arise over the ever-increasing e-waste, it is the responsibility of everyone to ensure its proper disposal.
Microsoft recently announced a pair of Windows 10 Remote Code Execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182. These vulnerabilities allow cybercriminals to obtain remote control of a computer over a network connection. Microsoft discovered the vulnerabilities during routine testing of Windows 10, which allowed them to publish the required security updates and notify the public at the same time.
Most employees want to be productive. As cloud service consumers, we have become accustomed to finding a tool or app that will help us fill a need and simply buy it without obtaining approval from our organization first. This practice of employees bypassing IT management to procure tools and services without proper vetting has infiltrated the workplace and is known as Shadow IT.
It seems we can’t go more than 24 hours without hearing about the latest and greatest data breach that affects millions. So we ask ourselves, “What can we do better?” After all, if the “bad guys” can hack into the federal government, Home Depot, and Target, what hope do small and medium-sized businesses have?
Learning how Quality Management Systems (QMS) and Standard Operating Procedures (SOPs) can positively affect an organization assures consistency and accuracy. Let's take a look at each.
In my blog article posted on July 14, 2017, I covered the Foundations of Quality and Continuous Improvement which discussed the importance of establishing business quality across the board. In this blog post, I will talk about Root Cause Analysis, a method used to discover the root or cause of an issue or problem when quality breaks down.
Email can work for you, and it can be used against you. On the positive side, it's a tool that allows organizations to collaborate, communicate, and save time.
On the negative side, cybercriminals are savvy enough to use it as a weapon to send phishing and spear-phishing emails to unsuspecting recipients allowing confidential data to be exposed and money to be stolen.
Many organizations include the review of Service Organization Controls (SOC) examination reports in their annual vendor due diligence activities; however, most are unsure of what they should be looking for in the report. Determining what is relevant and knowing how to read a SOC examination report can help to ensure that organizations get the most value and assurance out of their review.