View Post

Cyber Wednesday Info Byte #11

Media sanitization policies are a critical component of information security. As technology changes, organizations must review policy and process to ensure that it is still effective. Solid state drives require extra attention. “Degaussing, a fundamental way to sanitize magnetic media, no longer applies in most cases for flash memory-based devices. Evolutionary changes in magnetic media will also have potential impacts …

View Post

Cyber Wednesday Info Byte #12

Every day our personal information and metadata is flowing through an increasingly complex data processing ecosystem. Organizations and consumers alike have a need to understand the potential privacy risks associated with the technological solutions they choose. The Privacy Framework provides a common language for understanding, managing, and communicating privacy risk with internal and external stakeholders. It is adaptable to any …

View Post

Cyber Wednesday Info Byte #10

Consider the privacy risks that home smart devices might introduce to your remote workforce. A robust security awareness program will have a positive impact on employees even when they are off the clock. The security and privacy of smart home devices can be contingent on the security of the home network. There were a few advanced users that mentioned more …

View Post

Cyber Wednesday Info Byte #9

Get ahead of dangerous practices within your organization by instituting process and policy around the transfer of large files internally and externally. Eliminate Shadow IT! Learn more: https://csrc.nist.gov/CSRC/media/Publications/Shared/documents/itl-bulletin/itlbul2020-08.pdf Our offering: Unlimited Technology offers solutions for each of the functions of the NIST Cyber Security Framework. Our goal is to put you in command of your world by providing you with …

View Post

Cyber Wednesday Info Byte #8

Zero Trust is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. Learn more: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf Our offering: Unlimited Technology offers solutions for each of the functions of the NIST Cyber Security Framework. Our goal is to put you in command of your world by providing you …

View Post

Cyber Wednesday Info Byte #7

The first step to detecting unauthorized access to a system is monitoring and logging of authorized access, a vital part of the Continuous Security Monitoring (DE.CM) process. Learn more: https://www.nist.gov/cyberframework/framework Our offering: Unlimited Technology offers solutions for each of the functions of the NIST Cyber Security Framework. Our goal is to put you in command of your world by providing …

View Post

Cyber Wednesday Info Byte #6

No matter the size of the organization or maturity of the program, the core functions of an effective cyber program are to Identify, Protect, Detect, Respond, and Recover.     Our offering: Unlimited Technology offers solutions for each of the functions of the NIST Cyber Security Framework. Our vulnerability scanning solution is an excellent way of ensuring that “A vulnerability …

View Post

Cyber Wednesday Info Byte #5

The Security and Privacy Controls for Information Systems and Organizations (Draft NIST SP-800-53 R5) presents the next generation of controls that are required to secure all types of computing platforms. The public comment period is now closed, but you can see a preview here: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft Our offering: Unlimited Technology provides a Security Awareness package helping you satisfy AT-2 AWARENESS TRAINING …

View Post

Cyber Wednesday Info Byte #4

Longer passwords are better. Did you know that the current best practice guidance from NIST has removed the requirement to enforce password C0mpl3xity! Arbitrary expiration deadlines are also out. A password should change if you suspect that it has been compromised. Learn more about Digital Identity Guidelines from NIST: https://pages.nist.gov/800-63-3/sp800-63b.html Our offering: In addition to Security Training and Phishing Testing, …

View Post

Cyber Wednesday Info Byte #3

Where should you start when trying to mitigate the risks of IOT devices deployed on your network? NIST has defined the set of technical device capabilities needed to support common cybersecurity controls that protect the customer’s devices, data, systems, and ecosystems. Learn more from NIST at https://csrc.nist.gov/publications/detail/nistir/8259a/final Our offering: Penetration Testing – Beyond vulnerability analysis, we offer pentesting services to …