The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts.

  • Blueprints scopes and assignments

    Doug Francis, Senior Consultant, Cloud Solutions Engineering, Coalfire

    Welcome back for part three of four in our Blueprint technical series. Today we’re covering the governance and lifecycle controls of Blueprints within an Azure tenant. There is a lot of power in what Blueprints provide, and this tooling needs to be managed across multiple subscriptions or organization units. This is where Blueprint scopes come into place.

    Read more
  • Azure Policies

    Doug Francis, Senior Consultant, Cloud Solutions Engineering, Coalfire

    Welcome back to Part Two of our four-part Blueprint Series. Today's post covers the use of Azure Policies within a Blueprint deployment along with ARM templates and permissions management. Azure Policies are the critical component of Azure Blueprints. Policies, like ARM Templates, are JSON documents that describe controls around Azure resources. As mentioned earlier, these can be as simple as identifying regions or resources allowed to be deployed. More in-depth capabilities include remediation of incorrect configuration issues and audit settings and configurations of Azure resources.

    Read more
  • The California Privacy Rights Act (CPRA)

    Elizabeth Crooks, Consultant, Privacy, Coalfire

    The California Privacy Rights Act (CPRA) was passed in November by voters in California. Adding another entry to the alphabet soup that is privacy regulations, the CPRA (known as Proposition 24 when it was on the ballot) expands on the state’s landmark consumer privacy law, the California Consumer Privacy Act (CCPA). The CCPA formally came into effect on January 1, 2020, and the final text of the implementing regulations has been released by the California attorney general’s office. The CPRA both expands the protections put in place by the CCPA and makes it harder for businesses to sell or share personal information.

    Read more
  • Systemic non-compliance: the root cause of pain for healthcare organizations

    Tommy Abraham, Senior Director of Healthcare Assurance, Coalfire

    Recently, I was fortunate enough to experience the joys of becoming a father as my wife and I welcomed our first child into the world. It was one of the most beautiful experiences of my life and I’m grateful for the advances we have made in modern medicine and technology. I mention this personal anecdote to provide context for what I witnessed about the data security challenges that have existed for years in the healthcare industry and are still pervasive today.

    Read more
  • Cloud tech first floor recommendations

    Adversary Ops, Coalfire

    I hate to say it, but I’m an old, curmudgeonly guy that’s been in the industry more than 20 years. And after a while, things just start to wear on you. In fact, there was a point in my career that I swore if I had to counsel just one more company on the importance of having strong passwords and password policies, I would jump out a window. And yet here I am, still dealing with these issues many, many years later. Thank goodness my recommendations were always delivered on the first floor.

    Read more
  • Displaying results 36-40 (of 163)
     |<  <  4 - 5 - 6 - 7 - 8 - 9 - 10 - 11 - 12 - 13  >  >| 

Recent Posts

Post Topics