Compliance Archives

On October 22nd, 2018 I held a teleconference to discuss the topic of Information Technology (IT) Policies with data privacy expert, Michael Feldman, Esq. and Cybersecurity expert and consultant, Jeff Miller. The complete video is published on YouTube. Below, we are also providing a transcript of the entire call. Daniel: All right, guys, welcome back […]

A Discussion on Information Technology (IT) Policies and Why You Need Them

On September 24th, 2018, I held a teleconference to discuss the topic of Chief Information Security Officer (CISO), and Chief Information Security Officer as-a-Service with data privacy expert, Michael Feldman, Esq. and Cybersecurity expert and consultant, Jeff Miller. The complete video is published on YouTube. Below, we are also providing a transcript of the entire […]

Chief Information Security Officer | CISO | Chief Information Security Officer as-a-Service

In a word, yes. HIPAA section 164.308 requires covered entities to “implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level.” Is it reasonable to have employees’ potentially leaving unencrypted laptops in the back seats of taxi cabs with private data on them? Of course not! The scenario of stolen, […]

Do I Really Need Disk Encryption as a Covered Entity Under HIPAA?”

The non-stop drumbeat of devastating headlines has woken up many business owners and executives to the perils of data breaches and theft. As a result, many have carved out large portions of their IT budgets to protect their valuable, mission-critical business data. And then they get out their checkbooks and pay for these services with […]

Concerned About Cybersecurity? Stop Using Insecure Checks for B2B Payments.

Years ago you would only read about a data breach once in a blue moon – it was the rare exception. Fortunately, it continues to be the rare exception, but as the world has moved to become fully digital, the frequency of significant data breaches is no longer like finding a four-leaf clover. Every business […]

Obligations Under New Jersey Breach Data Notification Laws

If you do any kind of military contract work, you are required to implement a minimum set of cybersecurity controls in your organization. The DoD requires all military contractors and subcontractors to adhere to DFARS 252.204-7008 which is essentially just a pointer to NIST SP800-171. NIST SP800-171 is entitled “Protecting Controlled Unclassified Information in Nonfederal […]

Department of Defense Cybersecurity Requirements (DFARS)

With the proliferation of both small and high-profile breaches occurring globally, it is vital to identify and diagnose security vulnerabilities in your company’s IT infrastructure and assets before a breach or intrusion takes place. Penetration testing, also sometimes called 3rd. party pen testing when done by an outside firm, offers real-world, real-time analysis to determine […]

What We Test In Penetration Testing

Running a business of any kind means accepting payments, often via credit card. Because thieves target these transactions, you and your customers are at risk. How much? Credit card theft cost U.S. consumers $16 billion in 2016. Making payments safe for consumers is crucial for your business reputation. As a business owner, you need to […]

Don’t Ruin Your Business by Accepting Credit Cards Without Being PCI Compliant!

When looking for a small business cloud hosting company in the NJ/NYC area, security and compliance questions are sure to arise. Any understandably so. We put together a list of frequently asked questions here to guide our prospective customers accordingly. The questions and answers refer specifically to our New Jersey data center cloud hosting operations. […]

Category: Compliance