The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique IT GRC issues that impact the industries we serve, including Retail, Financial Services, Healthcare, Higher Education, Software, Government and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • The PCI DSS Cloud Computing Guidelines: An Executive Summary

    April 22, 2013, Matt Getzelman, PCI Practice Director

    The PCI SSC and its Cloud Special Interest Group have released their Cloud Computing Guidelines after a year of collaboration and input from SIG members. Coalfire was a big contributor to this document, and we think it is required reading for anyone who has front-line responsibility for managing compliance at companies using a Cloud Service Provider (CSP).

    Posted in: cloud, Payments, PCI | 0 Comments

  • FedRAMP Question and Answer session from PMO webinar

    November 13, 2012, Tom McAndrew, EVP, Coalfire Federal

    On October 25, the FedRAMP PMO conducted its first webinar, in what will be a series of webinars, on the FedRAMP process. This first webinar covered the four methods by which CSPs can get listed in the FedRAMP repository.

    This webinar is well worth the time to listen to. The PMO had a lengthy Q&A session, which we have transcribed for your convenience below. The FedRAMP PMO also provides a transcription, but it leverages a speech-to-text service, which garbled some of the phrases and meanings. Our human-reviewed Q&A of that section of the webinar is below.

    Posted in: cloud, federal, fedramp, government | 0 Comments

  • Moving to the Cloud: Considerations for Implementing Cloud Migration Plans

    May 25, 2012, Kennet Westby, President and COO

    Over 60 executive-level attendees came to the Omni Interlocken Resort in Broomfield, Colorado for the National Council of Higher Education Loan Programs (NCHELP) Spring convention and to hear from a panel of cloud experts on how the migration to cloud IT services could impact their business in the future.

    Posted in: cloud, compliance, security | 0 Comments

  • RSA 2012: Mobile, Cloud, and Intelligent Control

    March 02, 2012, Rick Norman, Director, Professional Services

    It was good to catch up with our customers and partners at RSA 2012 this week. Much of the buzz this year was around mobile devices and securing the cloud. We were glad to see innovative organizations introducing compliance-validated architectures based on these emerging technologies. One such organization was Hewlett-Packard, a Coalfire client and business partner.

    Posted in: byod, cloud, compliance, RSA | 0 Comments

  • Data Privacy Day 2012 – BYOD

    January 30, 2012, Kennet Westby, President and COO

    January marks Data Privacy Month and on January 28th we celebrated Data Privacy Day. In the past year, we have seen an increase in the consumerization of IT and “Bring Your Own Device” (BYOD) in the enterprise. In honor of Data Privacy Day 2012, we have partnered with The Center for Identity at The University of Texas to host a seminar on Wednesday, February 1.

    Posted in: BYOD, Cloud, Data, Privacy | 0 Comments
