Free corporate IT security policy development tips from Soteria’s expert IT security consultants.

Read Soteria’s IT security policy development tips to guide your firm in crafting security policies that protect your business without impacting your organization’s workflow. Use this advice to shape your corporate security procedures and improve the security posturing of your firm.

Does a regulatory compliance require your business to have certain policies in place? Understand what policy documentation your business needs to meet your security requirements.

Looking for assistance on security policy development?

Check out Soteria’s policy and training development services and leverage the knowledge of our security experts. Develop a custom series of policy documents for your business that aligns with your needs and regulatory requirements.

Looking for additional security tips?

Check out Soteria’s additional posts to broaden your understanding of other important security topics:

Read our tips on developing Security Policies for your business.

The Backup Plan

"Do we have backups?" It is one of the first questions during any ransomware incident. It seems like an easy question. “Of course we have backups, we’ve even tested it and fall back on them on a regular basis” is the common answer Soteria receives. Unfortunately, the reality of the situation is often that [...]

The Backup Plan2019-10-02T15:54:55+00:00

NYDFS Cybersecurity Ruling Challenges Businesses to Rethink Security

The large volume of financial, banking, and insurance firms doing business in New York makes the state’s financial services and insurance industry a rich environment for hackers. For this reason, it comes as no surprise to learn the New York Department of Financial Services (NYDFS) passed far-reaching and detailed regulations designed to protect New [...]

NYDFS Cybersecurity Ruling Challenges Businesses to Rethink Security2017-06-26T15:46:21+00:00

OneLogin Customer Data Compromised

Login credential management platforms are valuable tools for organizing and securing a business’s or individual’s account usernames and passwords. While password management platforms simplify the process of creating and managing secure account credentials, they are not a 100% solution for account security practices at your business. On May 31, 2017, OneLogin, a credential management [...]

OneLogin Customer Data Compromised2017-06-21T15:13:35+00:00

Soteria Presented with SC Cyber Award of Excellence

COLUMBIA, SC - May 23, 2017 - Soteria, LLC, a Charleston-based cyber security consulting  and product development firm, received the SC Cyber Award of Excellence for Industry at the 2017 Cybersecurity Summit. Recipients of the SC Cyber Award of Excellence must have a demonstrated commitment to advance talent, techniques, and tools required to defend [...]

Soteria Presented with SC Cyber Award of Excellence2017-06-21T15:13:45+00:00

Defending against WannaCrypt and other Ransomware Attacks

Defending against WannaCrypt and other Ransomware Attacks The WannaCrypt attack, a massive ransomware attack impacting businesses and individuals alike, has been making headlines around the world. Not only did this event hit a large number of victims, this attack has been further sensationalized because it utilized exploits said to be developed by the National Security [...]

Defending against WannaCrypt and other Ransomware Attacks2017-06-21T15:13:54+00:00

4 Security Questions to Ask When Outsourcing IT Operations to Make Sure Your Business Isn’t at Risk

Outsourcing IT operations to managed IT services providers (MSP) is a common trend for a business looking to maintain its operational efficiency while cutting down on cost. In addition to assisting with IT infrastructure management, 38 percent of businesses that hire an MSP do so with the expectation that their business will have enhanced security [...]

4 Security Questions to Ask When Outsourcing IT Operations to Make Sure Your Business Isn’t at Risk2017-04-21T13:42:57+00:00

Cyber Event SAR Requirements for Broker Dealers and Financial Institutions

When a firm experiences a cyber event or security intrusion, it is often a chaotic experience. Responders are focused on detecting the breach source, locking down their IT infrastructure, and understanding the extent of their losses. However, when responding to an incident, it is important for firms to not overlook their other required breach [...]

Cyber Event SAR Requirements for Broker Dealers and Financial Institutions2017-06-01T19:23:09+00:00

NYDFS Cybersecurity Compliance Requirements

Due to the ever-growing threat of cyber attacks, businesses operating in the NY State financial services and insurance industries are required to establish cybersecurity programs. The New York State Department of Financial Services (NYDFS) passed a set of regulations (23 NYCRR 500) requiring banks, insurance companies, and other financial services institutions supervised by NYDFS [...]

NYDFS Cybersecurity Compliance Requirements2017-06-01T19:22:05+00:00

Social Engineering Awareness

@nismoguy1, social engineering is an important security topic that impacts individuals and businesses alike! Before answering your question, it is important to define the term social engineering. A broad definition of “social engineering” is influencing someone to react in a certain way by exploiting one’s interests, habits, etc. In the context of cybersecurity, “social [...]

Social Engineering Awareness2018-09-17T18:47:22+00:00

Phishing Attack Protection

@Pwdrkeg, effective and comprehensive phishing attack protection should combine technical solutions with user education. It is important to note that protecting against phishing attacks is a process that must constantly be revisited and adjusted as appropriate. We have outlined four recommendations for a well-rounded approach for effective phishing attack protection. 1.Configure email spam filters [...]

Phishing Attack Protection2017-03-28T20:37:49+00:00
Go to Top