CJIS Compliance and Your Information Security Program

The role of mobile technologies within the field of law enforcement continues to grow in both importance and number of applications. Law officers count on these technologies for much more than simply receiving dispatch calls or looking up arrest records. Officers are using mobile devices in the field for capturing photo evidence, fingerprinting suspects at the scene, conducting interviews, issuing tickets and citations, managing personnel tracking and deployment, and much more.

Read More

PCI Compliance as Part of University Security...Why So Difficult?

While complying with the Payment Card Industry Data Security Standard (PCI DSS) can be a challenge for any organization, there are specific hurdles to compliance for higher education. 

Read More

Meeting the DFARS MFA Requirements—What You Need to Know

As we noted in two previous blog posts, the deadline for complying with the Defense Federal Acquisition Regulation Supplement (DFARS) data security requirements is Dec 31, 2017.

In one post, we explained the basics of the DFARS data security rules, and in the other we explored the “14 families” of security measures outlined in National Institute for Standards and Technology Special Publication 800-171 (NIST SP 800-171). 

Read More

How to Prepare for the DFARS Compliance Deadline: Part 2




As discussed in our previous blog post, the December 31 deadline for complying with data security requirements in the Defense Federal Acquisition Regulation Supplement (DFARS) is looming.

Read More

How to Prepare for the DFARS Compliance Deadline: Part 1

If you do business with the Department of Defense (DoD), get ready! After a two-year extension, the deadline for complying with the Defense Federal Acquisition Regulation Supplement (DFARS) data security requirements is fast approaching—December 31 of this year.

Read More

How RapidIdentity Protects Student Data & the EFF’s “Spying on Students” Report

Within every market—whether it be government, business, healthcare or education—it’s crucial that identity and access management (IAM) solutions are designed and implemented with close adherence to the latest government, regulatory, and best practice security frameworks and laws, in order to help organizations meet their compliance goals and to ensure the integrity and security of their user data.

Read More

Identity and Access Management Terms Your C-Suite Needs to Know


Now that your C-suite understands your company’s information security program, it’s time to move further into the educational phase.

As you evaluate and prioritize the risks your organization faces, identity and access management (IAM) should become a clearer and clearer priority. To help you educate your CEO on the need for increased investment in modern IAM solutions, here is some key IAM terminology that you can use as you work to transition your company to a more modern strategy.  

Read More

Is Two-Factor Enough or Do I Need Multi-Factor Authentication?


By now, we should all be aware of the inadequacies of passwords. Breach after breach, it's been made painfully clear that single-factor authentication is not enough. But when the traditional means of authentication are so clearly flawed, what’s the next step?

Generally speaking, the best practice is to step-up your security with either two-factor or multi-factor authentication. As these standards have quickly become essential parts of the information security toolkit, they've also become top-of-mind considerations for many IT and security pros.

Read More

Corporate Governance is More Than a Good InfoSec Policy

*Disclaimer: This article originally appeared on IDG Connect

Over the past few years, Governance, Risk, and Compliance (GRC) have become three of the hottest topics in Information Technology circles. The growing demand for compliance with federal and state laws, as well as industry best practices, has necessitated a closer look at IT governance, as well as solutions that help to ensure an organization has invested their time and efforts wisely, through management and implementation of such technologies as access control, data protection, and identity provisioning and management. Proper design, application, and usage of these key technologies (and others) help to control necessary risk management activities and ease the efforts that are required to remediate or address areas where compliance is lacking. 

Read More

6 Things Schools Can Do to Ensure Student Data Privacy

*Disclaimer: This article originally appeared in eSchool News

Student data privacy is quite a different topic from the headlines most people read concerning data breaches. It is not about malicious intruders hacking or stealing credentials to get into a system to steal corporate intellectual property or records to sell on the dark web. Student data privacy concerns, specifically, center on the misuse of personally identifiable information, known by its acronym PII.

Read More

Subscribe Here!