Altius IT logo

Cyber and Network Security Blog




Enhance your level of security. 




Cyber Security and Network Security Blog




Blog Categories

 




Network security audit Security Manager - managing the security process

How Much is your Data Worth?
Many organizations use a bottom up approach to security. They implement firewalls, passwords, anti-virus protection, and backups. Without fully knowing the value of their data, security systems may not be properly aligned with the needs of the organization.
Tags: data worth | align security | security controls | network security audit

The Perimeter Isn't Secure, Encrypt Your Data
Hackers and unauthorized intruders use creative ways to by-pass security systems and gain access to data.  Even with all of the appropriate controls in place your organization may still be at risk of a security breach.  Use encryption to protect your data and you may also be exempted from various state and federal data breach notification laws.
Tags: data breach | data encryption | breach notification | database encryption | data security

Penetration Testing - Do you Know the Question?
An information security penetration test (pen test) is a systematic probing of a system for vulnerabilities. In most instances, the assessment is performed externally, from a remote location.  Do you know the answer to the most important question?
Tags: penetration testing | pen test | penetration test |external security audit

Ransomware - Hackers are Holding your Data Hostage
Ransomware can encrypt files on hard drives, lock the computer, and display messages enticing the computer user to pay a fee. Take steps to protect your valuable data.
Tags: ransomware | cryptolocker | security audit | security assessment

Website Security and Web Application Security
If automated vulnerability scanners caught all security risks, hackers would be out of business and security personnel wouldn't have much to do. In reality, automated vulnerability scanners are only one tool used in the process of identifying and managing security risks.
Tags: website security | web site security | penetration test | website security audit

Security Audits - a Subscription
Security is an on-going process and leading organizations are taking a subscription approach to security assessments. With new vulnerabilities discovered on a daily basis, a system that is secure one day may be completely wide open the next.
Tags: network assessment | security assessment | security audit | website security audit | penetration test | pen test

Physical Security Enhances Information Security
Business executives are concerned about protecting their sensitive data and intellectual property. In addition to implementing firewalls and anti-virus solutions, management needs to be aware of physical security threats.
Tags: risk assessment | physical security | physical security audit | physical security assessment

Security Suite or Best of Breed?
When choosing an enterprise security solution for your organization is it better to choose an all encompassing security suite from one vendor or select the best software in each class even if it means using a number of different vendors?
Tags: risk assessment | security software | security suite | antivirus software

Five Steps to Securing Sensitive Information
Safeguarding sensitive data helps ensure that you meet your obligation to your customers, affiliates, and employees. Altius IT's five Simple steps you can take to secure sensitive information.
Tags: information security | data security | network security

A SMART Guide to Managing Social Media Risks
Altius IT's SMART guide is a five step approach to managing social media risks that can lead to information disclosure, compromise of your data, and loss of system availability.
Tags: social media security | social networking security | social networking threats | social networking risks

 

 

Compliance security audit Organization Manager - Risk management and compliance

What to do if You've Been Hacked
Hackers, competitors, crime syndicates, and nation states all want your data.  It is important to have security safeguards and controls but what do you do if you've been hacked?
Tags: hacked | data breach | attack | compromised

Compliance Does Not Equal Security
Many business managers assume that meeting compliance requirements and regulations means that the organization has sufficient and effective controls in place to protect against security breaches. Unfortunately, compliance does not equal security.
Tags: compliance audit | data security | it audit | network security audit

Identity Theft - Protect Customer Information
Identity theft involves the unauthorized acquisition of a person's personally identifiable information (PII). Security breaches are one of the main sources of identity theft. Take these steps to protect sensitive information from a security breach.
Tags: identity theft | ID theft | identity fraud | data breach | cybersecurity

A Customer Centric Approach to Patching Systems
Customers demand more than features and functionality.  Top down management support is needed to migrate to a customer focused approach by addressing security vulnerabilities in a timely manner.
Tags: patch management | software patching | software as a service | security patching | customer security | client security

Risk Management in Five Easy Steps
IT risk management includes all of the activities that an organization carries out to manage information technology related risks. For many organizations, IT risk management can be performed in five easy steps.
Tags: risk management | risk assessment | risk treatment

Cloud Computing - Thunder and Lightning on your Horizon?
With Cloud Computing, your staff uses browsers to access software that runs outside the organization on Internet servers. Like any technology, Cloud Computing and Software as a Service (SAAS) has its risks.
Tags: cloud computing | risk assessment | software as a service | saas

Start with Security Policies
Many businesses use an ad-hoc approach to securing information. Policies and procedures help organizations manage and control information security risks.
Tags: security policies | policies and procedures | information security policy | security policy | security policy template

Compliance and Database Risk Management
Sarbanes-Oxley (SOX), California Senate Bill 1386, HIPAA, PCI, the Gramm-Leach-Bliley (GLB) Act, and other regulations were enacted to help protect information.  Are you restricting access to sensitive information?
Tags: network security audit | compliance audit | database audit | risk management

Mitigating Information Security Risks
IT systems are a double edge sword. Not only do they increase employee productivity and reduce costs, they also increase risks as intellectual property and sensitive information are stored in a central location. There is more than one way to address each risk.
Tags: risk reduction | mitigate risks | risk activities | eliminate risks | risk management

Smartphone Security
Today's smartphones come with advanced features such as the ability to connect to the Internet, download applications, store pictures and videos, use wireless connectivity, etc. While smartphones increase productivity, they also come with risks.
Tags: smartphone security | cell phone security | phone security | mobile device security

Mobile Payment Solutions and Risks
Mobile payment solutions are a quick and easy way to make retail purchases.  For the service provider, imagine the benefits of being able to track consumer buying history with their current location. While payment solutions offer convenience, they also come with risks.
Tags: mobile payment | smartphone payment | cell phone payment | electronic wallet

Social Engineering and Social Networking - Your Users are a Target
Social engineering and social networks can be used to manipulate your staff into performing actions or divulging confidential information. Security education and awareness training help educate your users of the risks they face and the impact on the organization.
Tags: social engineering | social networking | social networks | user security training | risk assessment | social engineering assessment

Are you Managing your E-mail Risks?
E-mail is critical to the success and operation of most organizations. Without e-mail, organizations are less efficient and canít compete against larger, and more established firms.  Are you aware of all of your e-mail risks?
Tags: risk assessment | email risks | email risk management

Are you Maximizing your Cloud Opportunities?
Cloud technology has expanded and allows almost any IT related resource to be offered as a service. By knowing the types of Cloud environments available, you can make informed business decisions and ensure you are maximizing your use of the Cloud.
Tags: cloud environment | software as a service | saas | types of clouds | everything as a service | anything as a service

 

 

IT Audit Security Engineer - Top 10 lists and technical tips

Heartbleed OpenSSL Vulnerability
On a daily basis users rely on encryption to protect their sensitive data. A vulnerability in the way encryption is handled may result in the unauthorized disclosure of IDs, passwords, credit card data, session cookies, and other sensitive information.
Tags: heartbleed | openssl | memory bug | encryption vulnerability

Top 10 Cybersecurity and Network Security Tips
Altius IT's Top 10 tips to securing your sensitive data and intellectual property help identify and quantify IT related strengths and weaknesses and helps you focus on those areas that create the most value for your firm.
Tags: top 10 security tips | hackers | network security audit | risk assessment | security assessment

Top 10 Hacker Tools and Techniques
By understanding how hackers gain access to systems, organizations can stay a step ahead and ensure information availability, integrity, and confidentiality. Altius IT's list of the Top 10 Hacker Tools and Techniques.
Tags: Top 10 hacker tools | hacker tricks | hacker techniques

Top 10 Cloud Computing Threats
With 24x7 availability and accessible by almost any device with a browser, cloud computing allows organizations to scale their IT infrastructure and software applications as needed. However, like any technology, cloud computing has its risks.
Tags: cloud computing | cloud computing threats | cloud computing threats | cloud risks

Top 10 Wireless Network Risks
Many organizations are installing and implementing wireless networks. To help business managers make informed decisions, Altius IT provides our list of the Top 10 wireless network risks.
Tags: Top 10 wireless network | wireless network risks | wireless network security

Top 10 User Wi-Fi Safeguards
Your users are your first line of defense. They need to play an active role in helping to protect information systems.  We provide the Top 10 steps uses should take when using wireless networks.

Tags: wi-fi network | wireless networks | wi-fi connectivity | mobile computing | wireless communications

Top 10 Windows Vulnerabilities
By understanding Windows based vulnerabilities, organizations can stay a step ahead and ensure information availability, integrity, and confidentiality. Altius IT's list of the Top 10 Windows Vulnerabilities.
Tags: Top 10 Windows vulnerabilities | security audit | security assessment | network security | workstation security

 


Certified Auditors

Certified Information Systems Auditors

Certified Information Systems Auditors
Unlike a security consultant, Altius IT is board certified as a Certified Information Systems Auditor to perform a security audit of your environment and issue reports and recommendations to secure your systems. After your audit, Altius IT's Auditor Opinion Letter and Secure Seal let your clients and prospects know you meet security best practice/compliance requirements.

See our In the News page for video clips of our experts on national television as well as over 40 publications featuring Altius IT. In addition to our auditor certifications, we hold many security, technical, and project management credentials.  More information is available on our About Us page.

Our comprehensive audit service uncovers gaps in your existing defenses so that you can better:

  • Fortify your information systems, applications, and network infrastructure
  • Comply with regulatory requirements
  • Protect your valuable assets