• Securing Internet Connected Devices

    Every Internet-connected business takes measures to protect their internal network from unauthorized access. However, certain devices are overlooked by network administrators, who are mainly concerned with protecting desktop and laptop computers, smartphones, and tablets. In many cases, other devices are accessible to the Internet in some way, perhaps unbeknownst to those in charge of security. ... Read More →

  • Security of Deleting Files

    Let’s say you’re changing your computer. Your old computer most likely has private files on it that you don’t want anyone else to see, and that includes whoever is getting it. How can you make sure the new user can’t see those files? Easy, just delete them, right? You’d probably erase the hard drive and ... Read More →

  • Correctly Setting Your Accreditation Boundary is Essential

    So you’re initiating your FISMA program and you’ve already established your information sensitivity category using the FIPS Pub 199 guidelines. Next, you need to cordon off that portion of your total network that will be subject to the accreditation. This is the Accreditation Boundary which we will abbreviate AB. Setting the AB is very important ... Read More →

  • Four Reasons Why You Should Not Let a General IT Security Organization Perform Your FISMA Assessment

    Okay, you have a contract (or subcontract or grant) that involves sensitive government information and a connection to a Federal Information System. So, you are now subject to FISMA compliance and must undergo an assessment. You’ve looked at NIST Special Pub 800-53, Revision 4 and are somewhat bewildered by the hundreds of control requirements. Maybe ... Read More →

  • Your FISMA 12 Step Program

    If you work with the Federal Government, you are going to have to deal with FISMA sooner or later. The following is a guide to help ensure your success while traversing the FISMA process. Let’s start off with the basics! The Federal Information Security Management Act, known as FISMA, requires organizations running systems that process ... Read More →