icon

Articles by tag "security"

5/21/2018 Compliance

Digital Edge GDPR Compliance Statement

Author: Danielle Johnsen (VP of Compliance)
Date: 21 May 2018
Version: 1.1

This document defines Digital Edge’s policy on General Data Protection Regulation of European Union and is based and principles.

10/30/2017 Newsletters

Alerting for Fraudulent Rules Setup in Office 365

Friends and Colleagues, 

It is critical that at this time, the Digital Edge Security Team sends an urgent warning about a wide-spread email phishing campaign aiming at Microsoft Office 365 users. The emails have subject similar to this: “View your Office 365 Business billing statement for…”

The email looks very real and our Security Team is urging what users should pay attention to when analyzing such email for authenticity.

Multiple clients have notified us about receiving said emails and some people were getting trapped by this campaign. 

Click here to read more about this incident of email phishing and possible remediation for this and further attack involving setting up spying rules in your Office 365 account.

9/19/2017 Newsletters

Amazon Security Is Not Enough

Using cloud platforms does guarantee that customer deployments on those platforms will be automatically secured. Regardless of how advanced the security of the products is, if a customer leaves login as admin/admin - the entire deployment will be vulnerable. This admin/admin is only one very simple example, and is exactly why Equifax had its major security breach. 

Digital Edge not only suggests, but implores companies to implement security frameworks such as ISO 27001, NIST Core or SOC2.

Recently, the resumes of potential, current, and previous employees of the US Department of Defense and the US intelligence community were exposed. The documents were found on an insecure Amazon S3 bucket that was not password protected. Amazon needs a stronger third-party cybersecurity to prevent these issues, especially since it is such a large company. This can become very disastrous, for clients and Amazon if the problem isn’t fixed. To find out more information, click here!

8/13/2017 Newsletters

Penetration testing. Helping clients to secure their infrastructures

Recently Digital Edge security team receives lots of requirements for an external penetration testing. We help our clients to achieve their goals. Our team would not just scan networks. We would work with our clients to resolve security concerns. We do not limit clients on number of runs to make sure that all the issues are resolved and scan comes clean. Below is a testimonail from one of our happy client.
 
“Digital Edge was a referral from a colleague in the ASCII Group professional IT consultants network.  I had a client that needed to comply with downstream vendor security requirements.  Having an independent security consultant audit my client was just what we needed.  They provided a detailed report of issues and more importantly how to fix them.  I highly recommend the Digital Edge security team to decision makers that need professional security analysis for their organizations.”
 
Brian Wheeler, Owner
Resolve Technology
 
Digital Edge security team will continue to work with IT groups to assist in ensuring safty for IT infrastructures.
 
6/28/2017 Newsletters

2 Facts about the New Cryptolocker Ransom.Petya

A brief message from the Digital Edge Security Team

  1. All Digital Edge’s clients are patched and safe. If you are not Digital Edge client and feel that you may need assistance please contact us
  2. If you are affected by Ransom.Petya, do not pay the ransom and speak immediately to the Digital Edge Security Team. Further analysis of the cryptolocker, revealed that data retrieval is possible without paying ransom. Please contact our Security Team if you need an assistance with recovering and removing Ransom.Petya. 
     
5/28/2017 Newsletters

Unintentional Damage - Warning About Possible Information Disclosure

Traffic analytical tools can cause unintentional sensitive information disclosure.  

Most of precisely targeted attacks on IT infrastructures are originated from outside of security perimeters of the victimized organizations. However, the security openings allowing cyber attackers to breach security mechanisms overwhelmingly originated either with unintentional help of insiders or disclosure of sensitive information. 

Read more on this subject and how the Digital Edge Security Team helps clients mitigate or prevent these risks.

5/5/2017 Newsletters

Digital Edge ISO/IEC 27001:2013 Certification Success

As of May 1, 2017, Digital Edge is proud to announce its official certification of the International Standards Organization (ISO) 27001 framework for Information Security Management, a specification for an information security management system (ISMS). ISO is an independent, non-governmental international organization with a membership of 163 national standard bodies. ISO is credited for publishing more than 2100 international standards, covering almost every industry, from technology, to food safety, to aviation and healthcare. By adopting the ISO 27001 framework, Digital Edge will protect businesses from threats, including internet fraud, hacking, overseeing of transactions and other cyber security threats.

Undergoing the process of getting certified by ISO is vital to Digital Edge because these standards evaluate process effectiveness and better structures company management and growth. Digital Edge’s clients will always be insured with quality services with the core value of “Stability, Security, Efficiency, and Compliance”. Digital Edge received this certification with minor and no major non-conformities, proving once again that our security processes are constant. 

Receiving the ISO 27001 certification, proves that Digital Edge’s processes meet the best quality and security standards for our clients. Digital Edge guarantees our clients and partners are receiving outstanding services, demonstrating our serious commitment to these security controls.

5/1/2017 Newsletters

Cisco ISE Implementation for Corporate BYOD Policy

Digital Edge was engaged by a US based hardware manufacturer to implement Cisco Identity Manager and BYOD Policies. The client infrastructure is deployed in US Based headquarters, 2 offshore development offices, 2 datacenters, and AWS web services.

The project was successfully delivered and accepted in April 2017. 

 

4/5/2017 Compliance

ISO 27001:2013 High Level Information Security Policy

Author: Danielle Johnsen (VP of Compliance)
Date: 5 April 2017
Version: 2.0

This document defines Digital Edge’s policy on Information Security and is based on the following principles.

3/16/2017 Newsletters

Cutting Through the Noise – WikiLeaks, CIA, Hacking, and Digital Edge

WikiLeaks has recently exposed that the CIA possessed the capability to hack into nearly every device you own. With all that we have learned from these leaks,  Digital Edge wants to take the time to focus on is the “zero days” concept – which can be simply put as a weakness/hole in a system that allows a hacker to breach it before anyone even knows about this vulnerability. The act of reporting the vulnerability is known as “zero days”.

Once a hole in the system is found, it should be reported immediately, so it can be patched up before it’s exploited.

Read more about this here.

Let's talk: 800-714-5143

Speak to a specialist