Most organizations tend to focus on becoming compliant rather than being secure. And while meeting client requirements and industry regulations is very important, it does not necessarily guarantee that your organization is secure. If your entire information security program is based on “What must we do to be compliant?”, you’re probably missing some major holes … Read more
An information security program is a critical component of any organization regardless of the size of your business or the industry you’re in. A good information security program consists of a comprehensive set of information security policies and procedures, which is the cornerstone to any information security program. Whether you’re responsible for protected health information … Read more
Researchers have discovered a new weakness found in the WPA2 protocol (Wi-Fi Protected Access 2), the security method which protects all modern Wi-Fi networks, known as the KRACK security flaw. Although there is no evidence at this time that the KRACK vulnerability was maliciously exploited, this still raises many concerns for both personal and enterprise … Read more
Avoid a Data Breach: What a Health Care Org Should Do There are three things that a health care organization should do immediately to avoid a data breach. They are: Execute Advanced Penetration Testing. Performing an advanced external penetration test is a strategic approach to identify weaknesses in network and application security, as would a hacker. … Read more
Cost of Downtime Ever calculate the cost of downtime? A major new survey by Veeam Software did, and the results reveal that there’s far more to system downtime than the bracing hard costs. In its fifth annual “Availability Report,” Veeam interviewed 1,140 senior IT staff in 24 countries, including 150 U.S. folks. All of the … Read more
Phase 2 HIPAA Audits Prep Phase 2 HIPAA Audits have officially begun. You may know that the OCR is gathering information to determine which covered entities and business associates will be included in the auditee pool. If you haven’t already prepared for Phase 2 HIPAA Compliance, knowing where to begin may seem a bit overwhelming. … Read more
When Hackers Strike “The battle against terrorism is not only a military battle, but primarily a battle of information” -Ahmed Chalabi In today’s globalized and cyber-connected world, hackers are a real and present danger. The threat of “bad guys” extends to the Internet and the security of your life and personal information. Throughout history, … Read more
Questions about PCI DSS Requirements 3 and 4? You’ve come to the right place. As you may know, AISN is a PCI compliant cloud hosting provider. Previously, we addressed questions about PCI DSS Requirements 1 and 2. Today, we’re reprinting highlights from an exclusive online interview sponsored by our valued partner, KirkpatrickPrice. In this interview, … Read more
In headlines of late, the terms “data breach” and “healthcare organization” aren’t strangers, and now relative to that, avoiding a data breach caused by medical devices is becoming a hot topic. Recent studies and investigations done by cybersecurity professionals in the industry have found that cyber hackers are beginning to use medical device vulnerabilities as … Read more
It’s important to analyze and fully understand the areas of risk as the CFPB continues to closely supervise the collections environment and call monitoring compliance. One of the biggest risks to a collection agency is communication with consumers, making the monitoring of calls a very telling practice. An effective call monitoring program is a critical … Read more