.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
IT Risk Assessment and the SANS Top 20 - Part I
by Geoff Yeagley on February 2, 2016 at 10:30 AM
Last week we discussed the SANS Top 20 Critical Security Controls (CSC), what they are, and where they came from. This week we are going to start to dig into a handful of the Critical Security Controls to discuss what they are and why these controls are so important. In fact, industry …
IT Risk Assessments and the SANS Top 20
by Geoff Yeagley on January 26, 2016 at 10:14 AM
No matter what industry you are in, conducting a thorough IT Risk Assessment is critical to your organization for a number of reasons. First, it gives you a point in time measurement of how your IT Security posture compares to either various regulations or IT Security Frameworks.
Social Engineering - Mitigating Your Risk
by Geoff Yeagley on January 12, 2016 at 11:41 AM
As we look into 2016 and what trends are going to take place this year in the world of Information Security, there is one thing that we can predict with significant confidence: Employees will remain the biggest threat to your Information Security Program and ultimately the safety of t …
IT Security in 2016: What Comes Next?
by Geoff Yeagley on January 5, 2016 at 10:00 AM
The last several years in IT Security have been full of surprises as well as the fulfillment of predictions that have been made. If you recall back to 2014, the famed credit card breaches that took place were predicted by most and ultimately held true to form. We had a rash of major b …
IT Security Best Practices: Segregation of Duties
by Geoff Yeagley on December 4, 2015 at 11:35 AM
We hear the phrase “Segregation of Duties” talked about quite a bit when we talk about IT Security. One reason as to why this is such a talked about and ultimately important topic has to do with the fact that the risks associated with Segregation of Duties often go unnoticed until the …
The Top 5 Reasons You Should Have a Vendor Management Program
by Geoff Yeagley on November 10, 2015 at 10:09 AM
Last week we talked about what Vendor Management is and really why you should care about it for your organization. This week we are going to outline the top 5 reasons, in no particular order, of why your organization needs to have a Vendor Management Program implemented and that makes …