One challenge that has been faced by many DevOps teams is the challenge of managing large enterprise environments in a secure and predictable manner. Imagine a situation where there are hundreds or thousands of servers and trying to make certain each one meets a...
A class action suit is in progress after an estimated 200,000 people had personal data exposed by a hacked server at Casino Rama in Ontario. The breach was made public back in November 2016 when the hacker was able to obtain credentials, access at least two of the...
There is a lot of confusion around the term MSSP (Managed Services Security Provider). What are they? What do they do? What is their value? Can’t I just do that myself? The term MSSP had its genesis in the internet service providers (ISPs) in the 1990s the ISP...
The NIST Cyber Security Framework, or NIST CSF, is the result of a February 2013 Executive Order titled “Improving Critical Infrastructure Cybersecurity” and 10 months of collaborative discussions with more than 3,000 security professionals. It comprises a risk-based...
Auditing and logging are an important part of the HIPAA Security Rule, but the rule contains no specifics on this requirement. According to HIPAA Security Rule – 164.312(b):“Implement hardware, software, and/or procedural mechanisms that record and examine...
