Careful Security

#ransomware attacks are on the rise. https://lnkd.in/gvR4KCw Going by the adage that prevention is better than cure, here are three simple steps every organization can take to reduce the risk.... #backups: Backup Locally, in the cloud & and offsite. That way, even if #ransomware strikes, you can wipe the infected systems and restore them with clean backup files. It’s imperative to disconnect the backup storage devices so that even if ransomware strikes, the backup is not affected. #leastprivilege: Make users, including IT admin personnel, log in using a non-privileged account, and escalate privilege as needed using a secondary account. #emailsecurity: Ensure that you have email filters in place to scan macros, executables and password protected files before it lands in your user's inbox. Happy #thanksgiving2020! Remember #securityawareness is the key to prevent unwanted gifts like #ransomwareattacks.

How to pass a #vendor #assessment test? During my time at #warnerbros, I reviewed the security controls of many businesses that wanted to do business with Warner. We'd have an elaborate security questionnaire that we'd send out to vendors to fill up and submit. Having reviewed countless of these questionnaires, I developed a process to help me quickly identify the gaps: #authentication - How do you provide access to your users? Do you have #MFA and/or #SSO enabled?... #datasecurity - Are you using a strong #encryption algorithm to encrypt data at rest and in transit? Are you rotating your keys at least on an annual basis? #penetrationtesting - When was the last time you ran a pen-test on your application? Please note that a manual pen-test is not the same as an automated #vulnerability scan. #incidentresponse - Are you collecting all your logs in a centralized secure location and more importantly do you have a team to review the alerts generated by suspicious activities. #patching - The simplest but often the most ignored one. Needs no explanation, hackers love it when you have unpatched vulnerabilities from the 2010s. Are you sacrificing becoming a preferred provider for larger firms because you can’t pass their #cybersecurity audit? Careful Security is here to help!

How to pass a #vendor #assessment test? Read more: https://bit.ly/3mFzKdl #vendorriskmanagement #securityarchitecture #securityreport... #cybersecuritytips See more

PCI DSS stands for Payment Card Industry Data Security Standard; it’s a set of security standards created to ensure that all merchants who accept, process, store, or transmit credit card information maintain a secure environment, deterring fraud and data breaches. Read more: https://bit.ly/2QhwhmB #pcicompliance