In this post we are going to talk about Security 101 for Covered Entities. We start a series of posts with this post. This series of posts is called the HIPAA Series. The series will contain seven post: Security 101 for Covered Entities Security Standards: Administrative Safeguards Security Standards: Physical Safeguards Security Standards: technical Safeguards [...]
HIPAA law was created to ensure that patient’s sensitive information is protected. Protected health information (PHI) must be secured in the form of administrative, physical, and technical safeguards. It's better that before continuing to read this post, first read our previous post about HIPAA. The Health Insurance Portability and Accountability Act (HIPAA) was originally passed by [...]
Mobile devices come with their own set of problems, such as unauthorized data access and data leakage, which highlights the importance of managing these devices. Mobile device management (MDM) is a software application for the administration of mobile devices, such as smartphones, tablet computers and laptops. MDM includes storing essential information about mobile devices, deciding [...]
The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States Department of Commerce. This Institute develops technology, metrics, and standards to drive innovation and economic competitiveness at U.S.-based organizations in the science and technology industry. For example, one of NIST’s roles is to develop guidelines on how companies can [...]
First of all, it's better to talk about what NIST is and why the content published by NIST is important. The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States Department of Commerce. This Institute develops technology, metrics, and standards to drive innovation and economic competitiveness at U.S.-based organizations [...]
Data loss refers to an event in which important data is lost to the enterprise, such as in a ransomware attack. Data loss prevention (DLP) focuses on preventing illicit transfer of data outside organizational boundaries. Data loss prevention is a set of tools and processes used to ensure that sensitive data is not lost, misused, [...]
Rapid7 Nexpose is a vulnerability scanner which aims to support the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. RAPID7 plays a very important and effective role in the penetration testing, and most pentesters use RAPID7. This paragraph is abbreviated from www.rapid7.com The following figure shows some of [...]
In this post, we'll take a look at ManageEngine ADAudit to help you understand the different aspects of this network product. You can use ManageEngine ADAudit to ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects (like Users, Groups, GPOs, Computers, OUs, etc.). [...]
We have already published posts about firewalls and also hardware firewalls. In this post, we'll take a look at pfsense firewalls to help you understand the different aspects of pfsense firewalls. pfSense is an open source firewall/router computer software distribution based on FreeBSD. This firewall developed by Rubicon Communications, LLC (Netgate). It is installed on [...]