Blog

SOC 2 Type 1 vs Type 2: Get a Type 2!

12th May 2021

Trying to pick between SOC 2 Type 1 vs Type 2? Our answer is simple, get the Type 2! Here’s why it’s the much better choice…

-- READ MORE

SOC 2 vs ISO 27001

5th May 2021

SOC 2 and ISO 27001 take two different approaches to the same problem. Both will have you improving your security program, but in different ways. It’s important to understand the differences between the two, even if your ultimate decision might be the result of something else altogether.

-- READ MORE

Prevent Email Spoofing with EmailSpoofTest

29th April 2021

Your email provider runs the equivalent of a border checkpoint. It must do this to filter the real emails from the malicious ones. Every person (message) that wants to enter the country (server) must have its documentation in order. One of the best ways through for a malicious actor? Spoofed documentation (email spoofing). Email spoofing…

-- READ MORE

SOC 2 Trust Services Criteria: An Easy Guide

22nd April 2021

The five SOC 2 Trust Services Criteria are different areas of focus for a your SOC 2 audit. This easy guide will help you choose them.

-- READ MORE

Is Your Cyber Insurance Broken?

15th April 2021

Is your cyber insurance terrible? Probably. The companies that offer this coverage lack consistent standards and exclusions are rampant.

-- READ MORE

Can you teach employees how to phish to help them avoid phishing?

8th April 2021

There’s a famous saying “give a man a phish, and he’ll be able to recognize one phishing email. Teach a man to phish, and he’ll be able to avoid phishing emails for the rest of his life.” Or something like that.

-- READ MORE

Public WiFi: A double espresso for you and passwords for the bad guys.

1st April 2021

Thanks to the power of public WiFi, it was common for many of us to head out to the nearest coffee shop, order an iced macchiato with an extra shot of espresso, whipped cream, and caramel drizzle, and pop open the work laptop to get stuff done in a cozy, public environment. Well, it was…

-- READ MORE

Splitting Hairs on Split Tunneling

25th March 2021

Split tunneling offers serious potential for your business, especially if your employees are working remotely. So should you use it?

-- READ MORE

Slack Shared Channel Metadata Exposure

19th March 2021

Slack sent us a notice on Thursday, March 18, 2021 that due to a software vulnerability it “unintentionally shared Slack Connect metadata” with partners that we share a Slack channel with. The result was a Slack shared channel metadata exposure. Slack is a messaging platform that we use to communicate internally and externally with some…

-- READ MORE

Security and Compliance – Cousins, Not Twins

18th March 2021

Compliance and security are managed by the same internal groups of people, so there is a risky tendency to lump them together.

-- READ MORE

1 2 3 … 11 Next »