Password Requirements – GDPR, ISO 27001/27002, PCI DSS, NIST 800-53

Last year our team completed quite a few security assessment and remediation projects for our clients. One project required our security team to compile and present a list of password requirements for each of the cybersecurity frameworks our client wished to comply with.

Here is the compilation of that information specific to GDPR, ISO 27001, ISO 27002, PCI DSS, and NIST 800-53 (Moderate Baseline):


What is PHI under HIPAA?

Protected health information (PHI) is health information in any form – physical, electronic, or verbal information. PHI is any identifiable health information that is used, maintained, stored, or transmitted by a Covered Entity (healthcare providers, health plans, insurers, etc.) or Business Associate (IT service providers, attorneys, billing services, evaluation services, etc.).


Detecting a Phishing Email – 10 Things to Watch

With an uptick in ransomware infections that are often instigated through phishing emails, it’s crucial to take proactive measures to help protect yourself and your organization’s security.

Having a computer and device that is up to date and patched makes a big difference in reducing an organization’s overall risk of infection.

But being vigilant in detecting phishing emails and educating staff in your organization to also be proactive is a critical step in protection.


The Risks of Saving Data Locally

We’ve all been there. 50 files cluttering your desktop, versions on top of versions and what seems to be an endless number of folders. While staying organized is crucial, it’s important to understand that storing critical or sensitive data on your computer or local network storage without the proper IT controls in place poses a number of risks.

Meet the Team: Mike Bernard

Meet the Team is an ongoing series that focuses on the members of the Davin Technology Group team.

Meet Mike Bernard. Mike is Davin Tech Group’s Director of IT Operations. He spends most of his days working directly with clients, managing and supporting their IT systems and infrastructure. He is also a master of documentation and oversees the ongoing development of our internal knowledge base and processes.

Death, Taxes & Passwords

$hjV8K9a5h! – Look familiar? You’ve seen this before, you’ve used this before, and you have against all odds tried to remember it before. The days of passwords such as these should be behind us. However, they still haunt us. It’s your Wi-Fi password, your company-mandated 12-character, special-character, capital-letter-required password, or even your Facebook login. Time to throw away the sticky notes. Here are the essentials to creating a memorable and secure password.
