While it is impossible to predict the future (since I don’t really have a crystal ball), I can offer the following predictions for security trends to watch for in 2016: We will continue to witness large-scale data breaches that could have been prevented if only well-established security practices had actually been applied. Companies […]
About Paul Hill
Paul Hill has worked with SystemExperts as a principal project consultant for more than twelve years assisting on a wide range of challenging projects across a variety of industries including higher education, legal, and financial services. He joined SystemExperts full time in March 2012 and coordinates the SMARTday practice.
Entries by Paul Hill
BYOD security is a frequent topic among IT security experts. This, my third BYOD post this year, focuses on the mobile market. (Post one, Always-on Access Brings Always-Threatening Security Risks, June 25, 2015; Post two, Device Settings that Help Prevent Unauthorized Information Disclosure, July 13, 2015.) The mobile market continues to be very dynamic. Just […]
In a recent Q&A session, Joe Clapp and I were asked to address the security risks that the continuing technological change in cloud data centers poses. Following are our responses to the most common risks associated with cloud data center change and our recommendations on how to safeguard data given these considerations. Data and data handling […]
The security of backups is multifaceted. Factors to be considered include encryption at rest, encryption during transmission if applicable, security of shipping if applicable, physical security, environmental controls to prevent damage, and record keeping in order to prevent loss, and to ensure that data is destroyed once the retention period has expired. In situations where confidentiality is of importance, […]
I was recently asked to comment on some of the most common bug management mistakes enterprises make and how to avoid these issues. I have found that one of the most common mistakes is the failure to track vulnerabilities that have been deemed an acceptable risk and left unpatched. There are many reasons why an […]
Following up on my recent post (“Always-on access, brings always threatening security risks”) I’d like to continue the conversation and discuss other device settings that help prevent unauthorized information disclosure. Many organizations overlook the risks posed by Bluetooth. The security of Bluetooth has been slowly increasing over the years. When it first appeared many devices […]
Always-on access to work for employees comes with always-threatening security risks. One of the controls that appears in ISO 27002, titled Information technology – Security techniques – Code of practice for information security management, suggests that limiting the period during which connections to computer services are allowed reduces the window of opportunity for unauthorized access. […]
Ericka Chickowski of Dark Reading recently asked security experts to contribute key questions to ask a cloud security provider. While I’m pleased that two of my questions were included in the article, I have three additional questions you should ask to help you assess the risks of cloud services. 1) What security compliance programs […]
IT systems pervade enterprises. Systems are increasingly complex; enterprises constantly seek more rapid deployments. And enterprises are increasing the volume and diversity of the data collected and analyzed. All of these factors mean that enterprises cannot rely on a small set of steps to safeguard their operations. Well-established security frameworks such as PCI, HIPAA, […]