There are two basic defenses you should have in place to defend against cyber attacks One is technological, the other is human. Together, the two can go a long way to protecting the integrity and security of your data. Antivirus software and network protection – One of the risks you face these days is the one […]

So why are we addressing risk management? Because every firm needs to make plans if something bad happens. It could be a fire, flood, hurricane, extensive power or broadband outage, even an act of terror, but any of these events could affect your IT infrastructure or capacity to connect to it. And many smaller firms fail to recognize how reliant they are on their IT infrastructure. Here are two tools that can help keep your IT infrastructure operational in the event of a disaster.
Read more

You may not think too much about serious disasters. Most of us focus on the day-to-day chores of running our businesses and keeping revenues up. However, there are long term planning concerns that many firms just avoid. Those concerns are managing the risk to your business if something very bad happens. This long-term planning is called risk management and it is the dullest topic ever—until something bad happens.
Read more

Have you watched one of those horror movies where the something impersonates the protagonist only to wreak havoc later? Well, website cloning does the same thing–to your business–in real life. Website cloning is one of the most popular methods among scammers to fleece you of your money.

As the name suggests, the cybercriminal first creates a ‘clone’ site of the original one. There can be a clone of any website, though retail shopping sites, travel booking sites and banks are the favorites of cybercriminals. The clone site looks exactly like the original one, barring a very miniscule change in the url.
Read more

Workplaces today have changed. They extend beyond the working hours, beyond the cubicles. Whether you are commuting to work or even vacationing, chances are you or your employees take a break from the break to reply to those important emails that require ‘immediate action’. Plus, there may even be employees who are not even on the same continent as you. What does all this mean for your business in terms of IT security? Does BYOD translate to bring your own disaster to work? This blog explores the risks of BYOD culture and offers tips on how you can avoid them.
Read more

With flexible working schedules, remote teams and Bring Your Own Device (BYOD) policies in force, it is has become commonplace for employees and business owners alike to use smartphones for work purposes. A quick reply to an email, sharing that sales presentation, glancing over that vendor proposal–all on a smartphone–is something we all do on a daily basis. But with this convenience comes great security risks.

This blog discusses what they are and how you can avoid them.

Mobile devices are lost/stolen more easily.

Read more

During the course of IT consultancy, we come across a lot of clients who are not happy with the way their IT shaped up over the years. They feel their IT investments never really yielded the kind of returns they expected and come to us looking to change the trend. When analyzing the reasons for the failure of their IT investment, here’s what we come across most often.
Read more

Does HIPAA regulation cover your business? There are two categories of entities who are regulated by HIPAA and are required to be in full compliance.

Covered Entity – This is the main focus of the original law. Covered entities are those who, in their normal activities, create, maintain, directly access and/or transmit PHI and ePHI. Examples of these entities are healthcare providers, clearinghouses, insurance plans, and employers who self-insure. [Note: In general a specific individual is not considered a covered entity. Their employer is the covered entity. Individuals, however, still have a duty to support and ensure compliance and would likely face disciplinary action by their employer for individual behaviors that compromise compliance. Their employer would be the target of OCR fines and penalties.

Read more

So you know you are regulated by HIPAA. But in a broad sense, what must your organization do to be in compliance? First and foremost, you need to understand what HIPAA and the HITECH Act are regulating. HIPAA and the HITECH Act are regulating and enforcing the security of an individual patient’s health information. The specific information being regulated is known as Protected Health Information (PHI), also known sometimes as Individually Identifiable Health Information (IIHI), and its subset, electronic Protected Health Information (ePHI). ePHI is simply PHI stored, maintained, etc. in digital form. These are defined as any data that can individually identify a patient. That means anything that can reasonably ID a patient. Examples include SSN, medical ID, age, vmail, URLs, driver’s license number, license plate numbers, photos, names of relatives, identified test results, telephone numbers, email and postal addresses, and medical images. As can be seen, this sweeps a large swath of data under the umbrella of protected information.
Read more

You have probably come across the term multi-factor authentication of late. It is an IT buzzword today and is fast becoming one of the best practices of cybersecurity. So, what is multi-factor authentication, exactly? Read this blog to find out.
Read more