NIST 800-53: A Guide to Compliance

The NIST 800-53 standard offers solid guidance for how organizations should select and maintain customized security and privacy controls for their information systems. NIST SP 800-53 Revision 5 is one of many compliance documents you need to familiarize yourself with if you are working with information technology. This post breaks it down for you into digestible pieces that emphasize the standard’s practical meaning and application.


Information Security Policy: Must-Have Elements and Tips

Organizations often create multiple IT policies for a variety of needs: disaster recovery, data classification, data privacy, risk assessment, risk management and so on. These documents are often interconnected and provide a framework for the company to set values to guide decision-making and responses. Organizations also need an information security policy. This type of policy provides controls and procedures that help ensure that employees will work with IT assets appropriately.

What is Active Directory

The simplest definition of Active Directory is that it is a directory service for Windows operating systems. But what does this actually mean? What is Active Directory used for? How can you manage it? Whether you are a new system administrator who wants to learn Active Directory basics, such as its structure, services, components and essential terminology, or a seasoned administrator looking to find new best practices and improve your skills even further, this eBook has something for you.

How to Perform a Data Protection Impact Assessment (DPIA)

Conducting a data protection impact assessment (DPIA) or privacy impact assessment (PIA) is a complex and challenging task. Nevertheless, it’s critical to do. Data privacy concerns have become a significant focus across all industries, and for good reason: data is at higher risk than ever before. In its 2020 Q3 Data Breach QuickView Report, Risk Based Security revealed that 36 billion records were exposed during the first three quarters of 2020.


Best Server Monitoring Software Tools

If you don’t know the state of your network and server health every second of the day, you’re like a blind pilot inevitably headed for disaster. Fortunately, the market now offers many good tools, both commercial and open source, for network and Windows Server monitoring. We’ve put together a list of best open source, free and paid Windows Server monitoring tools that have proven their value in networks of many sizes.


Top GDPR Solutions for Security and Consent Management

The General Data Protection Regulation (GDPR) is a set of provisions and requirements governing data protection and privacy for individuals across the European Union. It applies to any business or public body — inside or outside the EU — that handles the personal data of EU residents. Essentially, GDPR requirements govern the way companies process and store personally identifiable information (PII).


What Is HIPAA Compliance: Guidelines for Becoming Compliant

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. law designed to protect individual privacy by establishing national standards for maintaining sensitive patient health information and medical records. HIPAA compliance rules incorporate requirements from several other legislative acts, including the Public Health Service Act and the Health Information Technology for Economic and Clinical Health (HITECH) Act.