6 AWS Cloud Security Features You Should Be Using

by Hannah Grace Holladay / April 12, 2023

The security of your AWS cloud environment is your responsibility. Partly. Amazon Web Services (AWS) shares security responsibility with users. Users are responsible for configuring and using cloud services securely and in compliance with information security regulations and standards. But AWS doesn’t leave its users high and dry where security and compliance are concerned. The platform offers an array of cloud security features and tools to help users with AWS…

Making Sure Your Risk Management Isn’t a Wreck

by Mary Beth Warner / May 22, 2023

We’re all bad at risk. There, I said it. We as humans are fundamentally bad at the concept of gauging risk. Now, before the pitchforks and CRISC certifications get raised, let me give you a real-life example of why that is. Imagine you’re a seventeen-year-old, fresh out of high school and enjoying the summer before college. You’ve got a part-time job, you’re participating in a few extracurriculars around town,…

How to Write a Cloud Security Policy for Your Business

by Hannah Grace Holladay / June 14, 2023

The major cloud computing platforms are more secure than the average on-premises infrastructure deployment. But “more secure” isn’t the same as “sufficiently secure.” Cloud security is a shared responsibility: cloud vendors provide the foundations, but it’s up to cloud customers to build secure systems. That’s unlikely to happen without a well-documented, comprehensive, and enforced cloud security policy (CSP). A cloud security policy sets security parameters for managers and employees, and…

Six Steps to a Bullet-Proof Disaster Recovery Plan (DRP)

by Hannah Grace Holladay / June 14, 2023

Unfortunately, in today’s threat landscape, it’s only a matter of time before your business faces a disaster. How would your organization cope if an employee deleted a production database? Could you continue to serve customers if a tornado took out your primary data center? How soon could you recover data encrypted in a ransomware attack or return to normal operations during a denial-of-service attack? Disaster recovery planning ensures your…

ISO 27001:2022 Updates: What Is Changing and Why Does It Matter?

by Hannah Grace Holladay / January 26, 2023

A revised version of ISO 27001 is expected this fall. When standards change, it’s natural for organizations to wonder whether it will impact their operations and compliance. Organizations about to undertake an ISO 27001 audit may hesitate until the new standards are published. In fact, the changes to ISO 27001 will not have an immediate impact on compliance, and there is no reason to postpone audit preparation. However, a new…