Free corporate IT security policy development tips from Soteria’s expert IT security consultants.

Read Soteria’s IT security policy development tips to guide your firm in crafting security policies that protect your business without impacting your organization’s workflow. Use this advice to shape your corporate security procedures and improve the security posture of your firm.

Do regulatory compliance requirements call for your business to have certain policies in place? Understand what policy documentation your business needs to meet your security requirements.

Looking for assistance on security policy development?

Check out Soteria’s policy and training development services and leverage the knowledge of our security experts. Develop a custom series of policy documents for your business that aligns with your needs and regulatory requirements.

Looking for additional security tips?

Check out Soteria’s additional posts to broaden your understanding of other important security topics:

Read our tips on developing Security Policies for your business.

Surviving a Cyber Security Incident – Part 1

By: Matthew Otte

Part 1 — Before the Storm

Throughout their many years of practice, Soterians have advised for, participated in, and commanded a large assortment of cyber security incident responses (IRs) in the form of both exercises and real-world events. Though no two response efforts are exactly alike, Soteria has discovered a pattern of common pitfalls [...]

2022-03-30T13:07:30+00:00

Understanding MDR

By: David S.

MANAGE. DETECT. RESPOND.

In any organization that uses computers to manage or operate its business, there is inherent risk of a cyber incident. The level of risk can vary based on the structure of systems, controls in place, the storage or transfer of sensitive information (e.g. financial, personal, health, or intellectual property), [...]

2022-03-14T16:19:39+00:00

Another Look At Active Directory Security

By: Carl L

Active Directory is the backbone of most organizations, and compromising this tool is the Holy Grail for most attackers. Any organization that has been around for a while has likely been through many iterations of Active Directory. Over the years they may have seen hundreds or thousands of different recommendations, upgrades, [...]

2022-01-18T16:59:11+00:00

Azure AD Default Configuration Blunders

By: Carl L

Following the release of two recent blogs regarding Microsoft’s Azure Active Directory default configurations, we began digging a little further into the access an unprivileged user has inside any tenant running any of the default settings. What we’ve found is that the Default Enabled settings allow any unprivileged, authenticated user [...]

2022-03-30T00:40:54+00:00

Soteria 365 Inspect

Open-Source, Automated Microsoft 365 Security Assessment: Announcing Soteria 365 Inspect

Try it for yourself here: https://github.com/soteria-security/365Inspect

Although infrastructure deployment technologies like Amazon Web Services and Microsoft Azure steal the headlines, the shift of business productivity tools to the cloud was just as rapid. For many, that need is served by Office 365, [...]

2021-04-30T00:24:01+00:00

New Year Information Security Resolutions

To actually achieve this year!

New Year's resolutions always start with gusto. As time passes and obstacles arise, resolutions tend to fade before they are achieved. Soteria is here to guide you towards a sustainable resolution and successful start to the new year and decade that will help your organization grow its security capabilities [...]

2020-01-09T18:36:29+00:00

Pay Up

It’s happened: computer screens are filled with demands, data is encrypted and inaccessible, systems are disrupted, your backups were not protected (see our “Backup Plan” blog post) and you’re experiencing the panic of ransomware. What do you do? Try to negotiate with unknown attackers or start from scratch and rebuild your IT environment? Either [...]

2021-03-16T00:15:29+00:00

The Backup Plan

"Do we have backups?" It is one of the first questions during any ransomware incident. It seems like an easy question. “Of course we have backups, we’ve even tested it and fall back on them on a regular basis” is the common answer Soteria receives. Unfortunately, the reality of the situation is often that [...]

2019-10-02T15:54:55+00:00

NYDFS Cybersecurity Ruling Challenges Businesses to Rethink Security

The large volume of financial, banking, and insurance firms doing business in New York makes the state’s financial services and insurance industry a rich environment for hackers. For this reason, it comes as no surprise to learn the New York Department of Financial Services (NYDFS) passed far-reaching and detailed regulations designed to protect New [...]

2017-06-26T15:46:21+00:00

OneLogin Customer Data Compromised

Login credential management platforms are valuable tools for organizing and securing a business’s or individual’s account usernames and passwords. While password management platforms simplify the process of creating and managing secure account credentials, they are not a 100% solution for account security practices at your business. On May 31, 2017, OneLogin, a credential management [...]

2017-06-21T15:13:35+00:00