This is a timeless concept from roman times, passed down in popular culture, and can be applied to your business security plan. Companies of even modest size and complexity rely on some form of IT to support their computer systems and data. Although, most companies trust their IT department or Managed Services Provider to include security as a baseline component of their work, how do you verify your IT security is dong what you THINK it is doing? A Vulnerability Assessment is a valuable tool.

Cybersecurity Maturity Model Certification (CMMC)

The CMMC started within the Department of Defense (DoD) to reduce the theft of military intelligence, but as expected, it doesn’t look like it will be long before it spreads to other sectors. There’s interest in amending Sarbanes-Oxley to include CMMC, which will impact the financial sector.  Don’t fear this is just an additional burden – the CMMC model is set up to be clearer and easier to implement.  Standardization in security compliance is a win for businesses trying to juggle multiple requirements.

Regulatory compliance is an issue business has faced for years. Over time, not only have the regulations become more nuanced, they’ve become more difficult to track and address, as well.

Are you taking your IT security as seriously as you should? If not, the consequences to your business or organization could be devastating. A security breach could lead to lost data, stolen data, or other irreparable harm to your company’s reputation.  You need to develop a security program.

TIP #1 – ENCRYPT ALL LAPTOPS

We are not going to get into the details of data encryption and you don’t need to fully understand what data encryption is to understand the benefits. The HIPAA Security Rule states that if patient data is encrypted and the data is lost or stolen there is no need to notify patients or report the breach.