Blog

  • Top Three Approaches to DNS Filtering

    Firewalls and web filtering are essential to protecting your organization’s networks against unsafe websites. DNS filtering or DNS content filtering is one of the most effective ways to filter every connection request users on your network make with the internet. It provides a customizable and flexible method to block access to certain domains based on a variety of logical parameters. In particular, there are three approaches that work most effectively.

  • Top 10 Security Concerns in Cloud Computing

    Cloud computing is growing exponentially in scale, scope, and service sophistication. While this provides many opportunities for service providers, organizations, and consumers alike, the rapid evolution of this technology has produced several cloud computing security concerns. Ranging from insignificant vulnerabilities to sophisticated attacks against your entire organization, the Cloud is a challenging place to tread alone.

  • Ransomware Awareness Training: Best Practices and Top Considerations

    Hundreds of millions of ransomware attacks occur across the globe every year. Unfortunately, it’s a growing problem that puts countless IT environments continually at risk. Thankfully, ransomware awareness training ensures your entire team is aware of the tricks, traps, and pitfalls of modern ransomware.

  • Does Your Organization Need Privacy by Design Certification?

    Privacy by Design certification helps ensure acceptable privacy standards per the European Union’s (EU) General Data Protection Regulation (GDPR). Although certification is not explicitly a GDPR requirement, the concept of Privacy by Design (PbD) is. What certification achieves is one of the few up-front and tangible methods to demonstrate that protecting data subjects’ personal information is an essential consideration factored throughout systems design, service delivery, and ongoing management. Despite the GDPR’s recent publication, designing IT systems around data privacy is neither new nor exclusive to the EU’s regulation.

  • How to Conduct a SOC 2 Gap Assessment

    System and Organization Controls (SOC) reporting comes in multiple varieties, with each kind applying to different industries or intended for different audiences. SOC 2 is primarily aimed at Software-as-a-Service (SaaS) providers and similar service organizations. Although SOC 2 compliance provides a comprehensive framework for security, data integrity, user privacy, and more, there are some issues that can only be identified with a SOC 2 gap assessment.

  • Top 4 Kinds of Cloud Security Tools

    Cloud security tools have never been more critical to day-to-day operations. With so many organizations moving increasing amounts of their functionality into the cloud and increasing their reliance on cloud-based technologies, these tools are crucial to improving the user experience for everyone involved. Read on to learn which cloud tools to prioritize for your organization.

  • Does Your Organization Need a Virtual CISO?

    In the context of ever-escalating cyberthreats, a dedicated Chief Information Security Officer (CISO) proves to be indispensable. A CISO provides invaluable direction and can help avert potentially debilitating crises. But a virtual CISO (vCISO) offers similar oversight and security program assistance, all at a much lower cost. Does your organization need a virtual CISO?

  • Enterprise Security Architecture Requirements and Best Practices for Sustained Growth

    Security architecture can be defined as the controls that support IT infrastructure. For a large enterprise, security architecture extends beyond prescriptive processes; it must adapt to address evolving cybersecurity threats and risks. Following a selection of common enterprise security architecture requirements and implementing best practices across industries can help any organization achieve robust cyberdefenses while optimizing ROI. Read on to learn more.

  • What is the SOC 2 Certification Validity Period?

    Overseen by the American Institute of Certified Public Accountants (AICPA), SOC 2 evaluates the implementation of effective standards and controls for organizations outside the financial sector, including software-as-a-service (SaaS) providers. Since the SOC 2 certification validity period only lasts for a limited amount of time, those pursuing certification on a long-term basis will need to dedicate themselves to learning and maintaining these rules.

  • Recap: Understanding SOC 2 Reports: Types, Purposes & Key Benefits Explained

    RSI Security hosted a webinar with Mueller to discuss the types, purposes, and benefits of SOC 2 reports. Panelists discussed aspects of SOC 2 audits, risk management, and assessment of organization-specific controls. Read on to learn more about the different SOC reporting frameworks, especially SOC 2 reports.