Allowlist and blocklist are better terms for everyone, let’s use them.
21st July 2021
Goodbye whitelist and blacklist, hello allowlist and blocklist! The problem with whitelist and blacklist. Whitelist and blacklist are a pair of very important tools and terms for cybersecurity. So it’s kind of a bummer that they’re bad. Why? Mostly because the terms aren’t nearly as clear as they could be. Whitelists and blacklists control who…
-- READ MORE
Microsoft Office 365 email security defaults are bad, so fix them!
8th July 2021
An email server with weak security settings is like a castle without a wall. The bad guys will walk right in! Unfortunately, Microsoft Office 365 email security leaves much to be desired. Frankly, their default settings are horrible! Email security is important because it is the most common attack vector for attackers looking to gain…
-- READ MORE
All Businesses Need DDoS Protection
1st July 2021
“I think someone is trying to put me out of business.” I recently received this message from a small business owner providing a cloud service. During their peak hours, someone was launching a DDoS attack against their servers, bringing their service to a halt. With the business’s customers experiencing service interruptions, they were thinking about…
-- READ MORE
Fractional CISO releases SOC 2 Software Vendors White Paper
24th June 2021
With over a dozen entries into a market that didn’t even exist a decade ago, it’s hard to make sense of all that’s happening in the SOC 2 software space. To help business leaders understand this rapidly-evolving space, Fractional CISO has released a white paper that evaluates and compares 10 of the most prominent companies…
-- READ MORE
Privacy Shield is Dead, Long Live Privacy Shield!
10th June 2021
The European Court of Justice struck down Privacy Shield last July, but the much-maligned privacy program shambles onward like a regulatory zombie. Except this zombie wants to eat time and paperwork instead of brains. Let me explain. First, some Privacy Shield context. A quick recap on Privacy Shield, and why it matters. Privacy Shield is/was…
-- READ MORE
Browser Extension Security – What browser does it best?
3rd June 2021
For all of Google’s efforts to improve user security, it’s leaving thousands upon thousands of potential vulnerabilities and some actual malware active on its platform in the Chrome Web Store. How? Browser extensions. Browser extension security is generally nightmarish. Browser extensions can improve the functionality of any browser, but also pose a big risk. They…
-- READ MORE
A 3-Point Ransomware Defense Strategy for Small to Midsize Businesses
27th May 2021
Oops, all your organization’s data is encrypted! Could you manage to make a multi-million dollar ransom payment to restore operations? Probably not if you’re a small or midsize business – a small business ransomware attack can be the end of the line. It’s better to have a ransomware defense plan to avoid the situation altogether….
-- READ MORE
