Categories
IT Security Outsourced IT

Zero-Knowledge Password Protocol

What is Zero-Knowledge Password Protocol? Zero-knowledge password protocol or zero-knowledge proof (ZKP) is a method in cryptography where one party (the prover) can prove to the other party (the verifier) that he knows the secret information without revealing it. With ZKP, there is no transmission or storage of password/credential details on the authentication server. The […]

Categories
IT Security Outsourced IT

Interoperability and Sharing Data

What is Interoperability? As cyberthreats are constantly emerging, interoperability is critical for defending systems from cyberattacks. Interoperability is the ability to pass information from one application to another, allowing them to work together. With the rise of Internet of Things (IoT) devices and interconnected devices, ensuring that all cybersecurity applications can communicate and share data […]

Categories
IT Security Outsourced IT

OSI Model

What is an OSI Model? The Open Systems Interconnection (OSI) Model is a conceptual model created by the International Organization for Standardization (ISO) which enables diverse communication systems to communicate using standard protocols. In short, the OSI Model provides a standard for different computer systems to be able to communicate with each other. The OSI […]

Categories
Government IT Security Outsourced IT

HIPAA Administrative Safeguards

What are HIPAA Administrative Safeguards? The Health Insurance Portability and Accountability Act of 1996 (HIPAA, PL104-191) was enacted to protect the privacy and availability of health insurance coverage and medical information. The law’s primary goals include protecting health insurance coverage for workers and their families in the event that the insured employee changes or loses […]

Categories
Government IT Security Outsourced IT

Digital Identity Ecosystem

What is the Digital Identity Ecosystem? The proposal formally known as the National Strategy for Trusted Identities in Cyberspace is now the Identity Ecosystem- a proposal from the United States federal government to improve identity authentication on the Internet and make online transactions safer. The proposal has four goals1: The Identity Ecosystem will add another […]

Categories
IT Security Outsourced IT

Data Historians

What are Data Historians? A data historian is a type of time-series database designed to efficiently collect and store process data from a Supervisory Control and Data Acquisition (SCADA) or automation system. SCADA is a computer-based system for gathering and analyzing real-time data to monitor and control equipment that deals with critical and time-sensitive materials […]

Categories
Application Security IT Security Outsourced IT

File Sharing Best Practices

What are File-Sharing Best Practices? File sharing is a common, yet dangerous, daily business activity. Take time to evaluate your file sharing methods to ensure that you are choosing the most secure procedures. Consider the following best practices as you decide how you will send and receive files securely: Multi-factor authentication. Use multi-factor authentication (MFA) […]

Categories
Government IT Security Outsourced IT

Inadvertent Disclosures under HIPAA

What is an Inadvertent Disclosure under HIPAA? An inadvertent disclosure is an event where a health professional unintentionally reveals protected health information (PHI) to an unauthorized person by mistake. Generally, if PHI is disclosed to unauthorized personnel, a breach of PHI is presumed to have occurred. Depending on the size of the unauthorized disclosure, HHS […]

Categories
IT Security Outsourced IT

Randomness and Entropy

What are Randomness and Entropy? Most modern encryption relies on randomly generated keys. Random numbers are used in many places within the realm of information technology, and they are also used in other fields, such as in the sciences. In mathematical statistics, randomness has been defined as, “of or relating to a type of circumstance […]

Categories
IT Security Outsourced IT

Configuration Management

What is Configuration Management? Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product’s performance, functional, and physical attributes with its requirements, design, and operational information throughout its life. For example, in routers or operating systems, manufacturers often set the default configurations with predefined passwords or pre-installed applications. When […]