INDUSTRY INSIGHT: BlueBorne and Wireless Risk…Going Beyond NIST and Standard Frameworks. Security frameworks such as the National Institute of Standards and Technology SP 800-53, 800-121, and Department of Defense 8500 security requirements rely mostly on FIPS 140-2 and are stringent and unforgiving to insecure protocols such as wireless — specifically, Bluetooth and other 802.15 protocols. Unfortunately, these requirements are frequently overlooked and the features get included in phones. The other overlooked peripherals that pose risk are 2.4 GHz keyboards and mice. Thankfully, bring-your-own-device policies have not caught on or been encouraged in the public sector to the degree they have in the private sector. This type of cost-cutting strategy can end up costing the organization more money in the long run when it must address compromises on unmanaged BYOD devices containing enterprise data. Read more
SECURITY: Why Agencies Need to Protect Their Endpoints, and Not Just Their Networks. As agencies deploy more mobile devices, their users out in the field and away from their desks become targets for hackers and cybercriminals. Click here for key takeaways.
HEALTHCARE: 5 Tips to Lockdown Security for Internet of Things Medical Devices. Segmented networks, authorization protocols, device behavior are a few strategies that execs should adopt today. Find out more
READ: Hackers Reveal Leading Enterprise Security Blind Spots. When it comes to cybersecurity, hackers said mobile devices are a critical blind spot. This is unsurprising considering bring-your-own-device (BYOD) policies which connect unknown mobile devices, OS versions, and patch processes to corporate networks. Read more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems September 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-june-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.