The Health Information Trust Alliance, also known as HITRUST, is an organization that created the Common Security Framework (CSF). The HITRUST Alliance is a non-profit organization with a program set up to standardize compliance requirements amongst many industries. Since it…
The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity compliance requirement that allows businesses to work with the Department of Defense. It adds an extra layer of security to protect sensitive data. It consists of five levels, with some businesses…
First and foremost, I would like point out that a password policy is only as good as the settings that you select. For example, you could pay a company millions of dollars for the most secure password policy in the…
The FBI's Criminal Justice Information Services Division, known as CJIS, regulates and protects criminal justice information. Established in 1992, it represents the largest division in the FBI. Since it grants government agencies access to sensitive information such as fingerprint records…
Let's talk about insurance and what it's actually intended to do. According to Google's dictionary, insurance has two meanings:
1. A practice or arrangement by which a company or government agency provides a guarantee of compensation for specified loss, damage,…
This topic might seem to alarm you since the fate of your company will be placed in the hands of your employees. When I talk to many prospective customers of nFront Security, I hear the common problem of end-users selecting…
Every day when I speak to various members of IT departments that are interested in the nFront Password Filter, there are a few common topics that we speak about during our conversations. First, he or she will mention that they…
Humans are very predictable and unless we see our company's name plastered across every news channel and online search engine due to a data breach, we will probably assume our company's network is safe, and we are doing a decent…
Running a password cracker is a standard part of any security audit procedure. Password crackers generally work in 4 ways – (1) a brute force crack (2) a dictionary crack (3) a hybrid dictionary crack and (4) rainbow tables. The…
Oftentimes, we are asked "What is the best password policy?"
There is no one size fits all policy that works for everyone. Your policy needs to be reasonable and not too overbearing. I have compiled some…