ControlScan Blog


Posts Tagged: Network Security



August 13, 2018Published by

I’ve found myself in this conversation a few times recently, about what determines that a device on the network is “unapproved.” The fact is, the only unapproved devices on your network are those that defeated your security measures to get on it. If you build the network correctly, then you have lists of monitored and unmonitored devices, but not unapproved.The issue at hand is how to identify and account for your monitored and unmonitored devices. With that accomplished, it’s much easier to spot an anomaly that could lead to a breach.

  Read More   


December 12, 2017Published by

Penetration tests have always had a higher price tag, but their overall cost to you is about to increase in 2018. Here’s what’s changing and how you can keep these costs contained in 2018 and beyond.

  Read More   


June 5, 2017Published by

As an IT security assessment professional, my job is to look at companies’ data security zones and their network perimeter compliance. I am looking at the normal stuff: Firewalls, servers and hardening standards as required by PCI, HIPAA, ISO 27001, etc.Without properly implemented and maintained security technologies in place, it’s impossible to protect your perimeter from compromise. But are you truly clear on what that perimeter is?

  Read More   


April 19, 2017Published by

FTP servers are essential for sharing files and data, but healthcare providers continue to utilize them in an insecure manner. Just last year, the ControlScan Security Consulting team saw this in action within a large healthcare organization. What happens when FTP goes wrong and how can you prevent your FTP server from leaking ePHI? Read on to find out.

  Read More   


January 13, 2017Published by

It’s Friday the 13th and there’s a “fear factor” in health IT. If you don’t know where your HIT organization’s security and compliance weaknesses lie you’re likely feeling that fear—today and every day.But don’t try to fight off cyber criminals with monster spray! Read this blog post and learn how to arm your organization appropriately.

  Read More   


November 15, 2016Published by

Third party relationships make your life easier in a multitude of ways, from streamlining processes, to providing additional human resources, to ensuring operational efficiency. Unfortunately, these relationships also introduce increased business risk related to data security and compliance.If one or more of your third party vendors doesn’t maintain a strong security posture and is consequently compromised, your business could very well end up sharing the burden of recovery. Read this ControlScan blog post for three steps you can take to lessen your business’s third party risk.

  Read More   


October 7, 2016Published by

One of the easiest ways you can protect business accounts from unauthorized use is to incorporate multi-factor authentication, or MFA. But how do you use it in a way that has a meaningful impact on your organization’s security risk reduction efforts?

  Read More   


September 30, 2016Published by

Cybersecurity Unknowns: It’s not the “who” but the “what.” When you stop and think about your business’s IT security, do you often wonder who the unnamed faces are behind the relentless barrage of cyber attacks out there? Everyone has an opinion: “Government target—must be a nation-state” or “Little guy—must be a disgruntled ex-employee.” Our assumptions, […]

  Read More   


September 22, 2016Published by

Congratulations! Your organization has implemented a SIEM platform for network security monitoring. However, don’t expect it to consume logs and machine data from your environment and effortlessly spit out actionable alarms. In other words, experienced human involvement is necessary to truly realize your SIEM’s benefits.

  Read More   


July 12, 2016Published by

Event log monitoring—or keeping an eye on your system logs for security and compliance purposes—can be a challenge. Here at ControlScan we see businesses and their IT teams struggling with its implementation and/or maintenance just about every day.

  Read More   


June 13, 2016Published by


What’s Your Data Security Approach? Growth and change is inherent to any healthy organization, but that positive change can have a negative impact on the security of your organization’s data. Have you considered what it really takes for your organization to be secure? If not, it’s probably time to ask some hard questions, the first […]

  Read More   


        Featured        

June 6, 2016Published by

Have you been told your organization needs to comply with certain information privacy and/or security standards, such as PCI, HIPAA, etc.? If so, you may find yourself quickly overwhelmed with all the requirements for bringing people, processes and technology into “compliance.” Yes, compliance can suck.

  Read More   


        Featured        

June 3, 2016Published by

2015 became known as “the year of the healthcare breach,” with healthcare hit hard and representing over 39 percent of known breach events. Healthcare organizations of every size are realizing they can no longer afford to ignore the risks they are exposed to on a daily basis. It’s critical that today’s healthcare organizations protect patient […]

  Read More   


May 23, 2016Published by

The ROI of the MSSP Many businesses considering the use of a Managed Security Service Provider (MSSP)—or any service provider for that matter—will ask themselves, “Can we do it for less?” While this discussion certainly makes sense, it’s also wise to consider whether leveraging the provider could actually save your organization money over the long […]

  Read More