.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
What is a Vendor Management Program and Why Should You Care?
by Geoff Yeagley on November 3, 2015 at 10:00 AM
Vendor Management is a term that is thrown around all the time, but what does it really mean? If we look at it on the surface, it is a method for managing your vendors and third party service providers. That's a little obvious of course, but let's look at the definition of Vendor Mana …
PCI Compliance and the Transition to EMV
by Geoff Yeagley on October 8, 2015 at 11:19 AM
One week ago today was a very big day in the world of credit card payments, credit card, processing, and ultimately a transfer in liability when credit card information is compromised. In case you are wondering, I am referring to the deadline that was set forth for October 1st for cre …
IT Security vs. Regulatory Compliance: Which One Came First?
by Geoff Yeagley on October 1, 2015 at 2:03 PM
Security or Compliance. Which one should we focus on? On the surface, this almost sounds like the question of which came first, the chicken or the egg. But if we dig deeper, we start to see that while they are similar and have similar goals, they can be very different in how they are …
IT Risk Assessments: Why Don't Companies Conduct Them?
by Geoff Yeagley on September 23, 2015 at 9:58 AM
Data breaches are everywhere! Every time you read the news online or watch the news, there is some form of Cybersecurity problem that has taken place somewhere in the world. Whether it is a credit card data breach or a healthcare data breach, there is no doubt that the security of our …
Difference Between Vulnerability Scanning & Penetration Testing
by Kyle Daun on September 17, 2015 at 9:39 AM
As an IT Security Auditor with Compass IT Compliance over the past few years, I have had the privilege of engaging with a diverse range of individuals, from Boston to Los Angeles, and many places in between. A question that comes up frequently is about the distinction between vulnerab …
IT Security Policies and Procedures: Why You Need Them
by Geoff Yeagley on September 10, 2015 at 10:54 AM
Policies and Procedures are two of the words that most employees dread to hear, especially when it comes to IT Security. Why does this phenomenon occur? Is it because people don’t want to be told what to do? Is it because people feel as though they are being “micromanaged” when they h …