top of page
.png)
Company Insights
See the plethora of company insights on Security, Compliance, Management and Risk.
Ascent Portal Staff
Jun 21, 20222 min read
Outsourced Development and External System Services
When outsourcing development and external systems, businesses should be careful to outline the obligations and requirements of those...
Ascent Portal Staff
Apr 26, 20221 min read
Information Exchange Protection
The exchange of information performed by organizations must be protected with appropriate security controls. These controls need to be...
Ascent Portal Staff
Mar 9, 20222 min read
Audit Logs Best Practices for Security
Audit logs are key to monitoring for unauthorized activities, insider threats, and issues that may be affecting system performance. The...
Ascent Portal Staff
Feb 11, 20221 min read
Malicious Code Protection
Malicious and mobile code protection is critically important. New variants of malicious code are released every day while mobile code...
Ascent Portal Staff
Jan 14, 20222 min read
Why Equipment Placement and Protection Matters
Organizations should ensure that before equipment (e.g., servers, network infrastructure, information systems) is installed, the location...
Ascent Portal Staff
Jan 11, 20223 min read
Next Significant Security & Compliance Challenge in 2022
In the first work week of the year, I’ve seen several different articles and blog posts about predictions and what to expect from an IT...
Ascent Portal Staff
Jan 7, 20222 min read
The Importance of Physical Entry Controls
If organizations are not able to account for individuals in their buildings or offices at any given time, it will likely result in an...
Ascent Portal Staff
Dec 16, 20212 min read
Managing Wireless Access
Organizations that allow wireless access for computer communications or networking need to focus on how best to protect wireless...
Ascent Portal Staff
Dec 3, 20212 min read
System Utility Access Control Protection
Organizations need to implement system utility access controls to protect and ensure standard, non-administrative users do not have the...
Ascent Portal Staff
Aug 9, 20212 min read
Information Security Categorization and Risk Framing
Security categories for an organization’s information systems need to be defined to enable appropriate risk decisions to be made. Without...
Ascent Portal Staff
Jul 30, 20212 min read
Regular Risk Assessments Are Required
Once organizations have developed a risk management strategy and a risk management program, regular risk assessments should be performed...
Ascent Portal Staff
Jul 7, 20212 min read
Independent Reviews of the Security Program
With the Independence Day holiday earlier this week, the pitfall I’m highlighting here from my eBook, Security Program Pitfalls and...
Ascent Portal Staff
Jun 24, 20212 min read
Pitfall #4 of 100: Security Program Roles and Responsibilities
The next pitfall from my eBook, Security Program Pitfalls and Prescription to Avoid Them, that I’d like to highlight in this blog post is...
Ascent Portal Staff
Jun 23, 20212 min read
Pitfall #3 of 100: Management Commitment to the Security Program
As part of our quest to highlight different pitfalls from my eBook Security Program Pitfalls and Prescription to Avoid Them, this blog...
Ascent Portal Staff
Jun 16, 20212 min read
Pitfall #2 of 100: Security Policies, Plans, and Procedures
Over the next year or so, we’ll be highlighting a different pitfall each week from the eBook Security Program Pitfalls and Prescription...
Ascent Portal Staff
Jun 10, 20212 min read
Pitfall #1 of 100: Documented Security Program Plan
It all starts with a plan. If a Security Program Plan is not developed, documented, and effectively communicated to all stakeholders,...
bottom of page