March 1 – Your Vendor Contracts Were Supposed to be Updated
The Massachusetts law 201 CMR 17.00, which forces US organizations to protect the PII of Massachusetts residents, went into its final enforcement phase on March 1, 2012. By that date, with no exceptions, businesses that send Massachusetts-based PII to vendors (service providers) needed to require in those providers’ contracts that the providers also abide by the law. (more…)
Security Program Review
HALOCK’s Security Program Review is based on ISO 27001 and 27002. It provides a baseline of your current security posture. (more…)
Network Security Engineering Services
One of the things that makes HALOCK a hybrid services firm is our unique practice groups, plus we bring to the table skill sets ranging from governance and strategy, PCI QSA knowledge, assessments and compliance, security solutions, and very seasoned network security engineering services. (more…)
Information Security Policies
Information security policies – Whoo hoo! Pretty exciting stuff! But seriously, if we didn’t have policies, where would we be? Civilization as we know it would cease to exist! We all have policies that we adhere to – personally, professionally, morally. (more…)
HIPAA Gap Assessment
Let’s talk about HIPAA Gap Assessments. First of all, what is it? HIPAA stands for Health Insurance Portability and Accountability Act. HIPAA (not HIPPA) requires organizations that handle electronic protected health information (another abbreviation for you: ePHI) to ensure that this information (more…)
New Year’s Resolutions for 2012
It’s that time of year again! Yay! (more…)
PCI Compliance – It’s not just for today
Read an article recently on a study that compared organizations that had achieved PCI Compliance but, when revisited a year later, had fallen out of compliance. (more…)
In the event of a breach…
Saw a great WSJ article recently on steps to take if you’ve been breached. Well written! Here’s the Cliff Notes version: (more…)
Consumer Loyalty and Data Breaches
A recent article on darkreading.com showed results of a survey on consumer loyalty and data breaches called the SailPoint Market Pulse Survey, conducted online by Harris Interactive. (more…)
Who’s Storing Your Sensitive Data?
In the spirit of keeping sensitive data safe, and our private lives private, I was a little disturbed by a recent article I found on Wired News. They are referencing a newly released Dept. of Justice (DoJ) memo which outlines the retention periods for major Telecoms on data they’re storing about your: texting – detail/content; IP session and destination information; call details, (more…)