Articles by tag "security"

Lately, and for good reason, the top thing on people’s minds has been the COVID-19 Coronavirus. Any change from normal operations will inherently be less secure, because often the processes are unfamiliar and have not been ironed out to the extent that a company’s normal operations have been. In a situation like we are facing now, with widespread teleworking, a company’s prime security concern should be the correct implementation of a strong teleworking policy.

The importance of risk training. 

Keith Barry explains the importance of being a risk driven IT organization and breaks down the 7 steps of how to successfully become one. Based off of the full article online: https://knowledge.digitaledge.net/compliance/risk-driven-information-technology-organization/

A big misunderstanding we see every day when working with clients is that security can be ensured by buying a device, or implementing a software, or changing one small thing. However, security is an ongoing process- it's an attitude. With constant threats emerging, IT security governance is imperative. Our VP of Compliance dedicates this edition to fully understanding IT Security Governance! 

Recently, our CEO Michael Petrov has been featured in an exhibit "Immigrants Mean Business". This exhibit features immigrants that came to America and built up their own small business. All the photos were taken by Tesfa Alexander in this exhibit that is open on weekends until September 8th 2019! We have uploaded the photo's Tesfa took for Digital Edge!

IT Compliance vs. IT Security : “What’s the difference?”

It is without a doubt that 2018 has become the year of IT Compliance. With so many new laws becoming effective, including EU’S GDPR, California’s Data Privacy Law, and Canada’s PIPEDA, the line between security and compliance may seem easily blurred for IT professionals. So, the question becomes: How do we produce a comprehensive security program, while ensuring that we meet compliance obligations? However, there is one problem that surfaces repeatedly, regardless of which regulatory standard (e.g., PCI, HIPAA, etc.) your company must meet, and that is failing to understand the difference between compliance and security. Sometimes organizations think that these are one and the same to the point that they become so consumed by complicated regulations that they stop focusing on security altogether. This month's edition of Ask Our VP of Compliance will address the differences between IT Compliance and IT Security:

• IT Security: Explained
• IT Compliance: Explained
• What Are the Differences? And Why are Both Necessary?
• How do IT Compliance Management and IT Security Management Integrate?
• Becoming COMPLIANT and SECURE

You have your corporate email defenses lined up. While you may be using an out of the box product such as Microsoft O365 or something more sophisticated like ProofPoint – here is what you need to know.

Although you might be as safe and secure as possible you should still be aware of the vulnerablities that exist and can affect you.  

Unless users are restricted from using mobile email apps, there is nothing that can protect you. This risk extends even to disclosure of your corporate authentication. 

Click here to read about this potential threat.

Author: Danielle Johnsen (VP of Compliance)
Date: 21 May 2018
Version: 1.1

This document defines Digital Edge’s policy on General Data Protection Regulation of European Union and is based and principles.

Friends and Colleagues, 

It is critical that at this time, the Digital Edge Security Team sends an urgent warning about a wide-spread email phishing campaign aiming at Microsoft Office 365 users. The emails have subject similar to this: “View your Office 365 Business billing statement for…”. 

The email looks very real and our Security Team is urging what users should pay attention to when analyzing such email for authenticity.

Multiple clients have notified us about receiving said emails and some people were getting trapped by this campaign. 

Click here to read more about this incident of email phishing and possible remediation for this and further attack involving setting up spying rules in your Office 365 account.