Fall is Upon Us

2017 has been moving by pretty quickly.  It is now September and the kids are back in school, football season is starting and before we know it, the Holidays will be here!  Fall is a great time of year for catching up and getting ready for next year. Top 10 list of things to do… Read more »

Historical Network Resiliency Planning

The Winchester Star, the local newspaper here in YHB’s hometown, publishes a weekly column of stories from their archives called ‘Out of the Past’. It covers 25, 50, 75, and 100 years of newspaper reporting and gives historical context to what was important in those times. It also makes it easy to pine for headlines… Read more »

De-Mystifying NIST SP 800-171

Traditionally, when people think of National Institute of Standards and Technology (NIST) publications, they think of documents that apply strictly to federal government entities or contractors supporting the federal government. However, NIST also releases publications designed for organizations in the private sector as well. IT-Related NIST Publications Under the NIST umbrella is the Information Technology… Read more »

Project Management for the Rest of Us

I’m not sure if it is because I am getting older or if it is because life continues to get more chaotic, but I find myself constantly looking for better ways to get things done.  I am not a Project Management Professional but I have found some very important and simple elements from the basic… Read more »

SOC for Cybersecurity

If you will recall, the April 25, 2017 edition of deTECH discussed changes in SOC reporting in 2017. Many changes are cosmetic or address changes in accounting standards. For example, SOC no longer means Service Organization Control. Instead, the AICPA has introduced the term system and organization controls to refer to SOC engagements. In addition, SSAE 16… Read more »

Technology and your Mission Statement

Almost every company has a Mission Statement.  This mission statement should reflect your values and answer the question ‘Why do we exist?’  For most companies their strategic plan is reflective of their mission statement.  But what about the IT plan? One of the pillars of YHB’s mission statement is to provide fulfilling careers.  In order… Read more »

BSA/AML and the IT Department

The banking world is a dynamic and complex place. When I first began performing IT audits a dozen years ago, the IT world was a bit of a silo, relegated to the back room. The past few years, however, have seen the profile of IT rise to the Board room level through the increased electronic… Read more »

Don’t Wanna Cry No More

Last Friday around lunchtime employees at several NHS hospitals around the UK received an e-mail stating a number of servers were down.  Then, one-by-one, their workstations began displaying the now tell-tale red and white background.  So started the tsunami-like wave of what is being called the “Wanna Decryptor” or “Wanna Cry” ransomware virus epidemic.  After… Read more »

Document Retention: What questions could there be in your policy?

For me, this time of year is busy trying to get my summer projects planned, the IT Budget finished, and updating policies.  One policy that is of particular interest is Document Retention.  Most people think of this policy in terms of legal issues but it is much more!  I remember purchasing a server about 15… Read more »