Category: Blog

Since the California Consumer Privacy Act (CCPA) was signed in 2018, it has stirred up considerable controversy among tech companies, privacy advocates, and government officials. This regulation has fueled an increase in state laws and ushered in the possibility of a comprehensive federal privacy law. The road to imple…

It's hard to believe it's already Data Privacy Day 2019. At this point last year, the data privacy world was in an all-consuming scramble to prepare for the GDPR. In some ways, we've come a long way since then - the GDPR is here, many companies have adjusted, and new laws and trends are beginning to edge into the spotl…

I had a manager who liked to say, "There are no advanced techniques – only the basics, mastered." While I'm not sure that always applies to this field, I think the core lesson holds a lot of wisdom for information security professionals. So, in the interest of getting better at the basics, I reviewed our 2018 penetra…

Preventative ongoing maintenance and monitoring of your users’ SAP security access is critical to avoiding significant deficiencies or control weaknesses.  A governance, risk, and compliance (GRC) tool (such as SAP GRC, Control Panel, ComplianceNow, ERP Maestro) is a great start, but there is more to monitor! Sy…

Since May 25, 2018, organizations have been required to perform data protection impact assessments (DPIAs) under the General Data Protection Regulation (GDPR).  Organizations use DPIAs to assess whether certain data processing activities are a risk to the rights and freedoms of individuals. However, because DPIAs …

Client Overview One of the largest and most geographically expansive water utility companies located in both the United States and…