Cybersecurity and Compliance

Throughout 2022, threat actors will likely still view healthcare organizations as worthy targets — especially small and mid-sized providers and their associates. To minimize the risk of healthcare cyberattacks, organizations should look to pursue relevant audits and adhere to compliance standards, partner with organizations who can assist during incidents, and bolster internal resources via key hires or the development of…

In this short clip, Xantrion CTO, Christian Kelly, explains how companies that have successfully migrated to the cloud can feel confident in the security protecting the data and systems their remote team members are using. He’ll also share how cloud-based systems better position companies for future challenges. Don’t hesitate to contact us if you’d like to learn more about how we are…

According to the HIPAA Security Rule, technical safeguards are “the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.” Essentially, a covered entity must implement security measures that allow it to reasonably and appropriately maintain the necessary standards for protection. Moreover, a covered entity must determine which security measures and…

The Department of Health and Human Services (HHS) has proactively updated those who fall under HIPAA coverage (aka, “covered entities”). Here’s what the HHS has to say about the increase in telehealth options:  “A covered health care provider that wants to use audio or video communication technology to provide telehealth to patients during the COVID-19 nationwide public health emergency can…

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance. Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient…

Loss or theft of sensitive data can lead to legal, compliance and business consequences. Be sure to take proper precautions to securely store that data.  Most organizations generate data that, if lost, could be detrimental to business operations, reputation, financial security or competitive position. This is generally considered sensitive data, and its mishandling can lead to business or legal repercussions. …

Risk management, the process of developing a strategy for addressing risk throughout its lifecycle, normally involves four phases: risk identification, assessment, response, and monitoring and reporting. Risk management plays a critical role in helping organizations with their security posture enhancement. Taking insider incidents as an example, they are not only costly to organizations but also time-consuming to be contained. Given…

As a strategic partner for some of the world’s most sophisticated global institutional investors—such as central banks, sovereign wealth funds, pension funds, and foundations—Bridgewater Associates has long been a leader in the world of alternative asset management. The firm has achieved success through a tireless drive to understand macroeconomic trends in global economies and markets. Bridgewater uses this research to…

Multifactor authentication (MFA) is one of the best, yet often misunderstood tools that companies can use to fend off cybercriminals trying to compromise business accounts. It blocks 99.9% of account compromise attacks. It also helps thwart automated bot, phishing, and targeted attacks.  To jumpstart your learning curve, here are the answers to some frequently asked questions about MFA.  What is MFA? MFA is…

Zero Trust is a newer security model that assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to “never trust, always verify.” Watch this video to learn how Microsoft 365 Business Premium can help keep your company’s sensitive…

The worldwide shift to a hybrid workplace has pushed us all to embrace ubiquitous connectivity. Those new connections have helped us become more collaborative; routinely editing and sharing documents in real-time from wherever we happen to be working. Instant messaging went from being a tool of convenience to a cornerstone of communication. People in business, operations, and technical roles became…

Securing your systems with a data driven, human-guided security approach allows your business to detect and respond to attacks more quickly and accurately. Check out this latest infographic from Microsoft, it outlines how the global network of real-time threat intelligence continues to evolve, anticipate, and stay ahead of risks while delivering on four key security pillars that ensure enterprise-grade security. Have…

Never in our lifetime has cybersecurity been more critical. Review this infographic to learn how Microsoft can make the tasks of protecting virtual machines, data storage, and cloud native services against common threats easier. With integrated security information and event management (SIEM) and extended detection and response (XDR), you get comprehensive threat protection across devices, identities, apps, email, data, and…

Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cybercriminals and nation-states alike have improved their targeting, speed, and accuracy as the world adapted to working outside the office. These changes have put “cybersecurity issues and risks” at the top of the list when it comes to worries or concerns for business decision-makers in…

Due to the increasing number of cybersecurity-related laws, regulations, and standards, many companies might discover that they now need to comply with one or more of them. Here is what you need to know if your business makes that discovery.  When the European Union’s (EU’s) General Data Protection Regulation (GDPR) first took effect, it was touted as the most important…

It’s no longer enough to just install a firewall and antivirus software and think you have robust cybersecurity protections. Today, you need a cybersecurity strategy that stands toe-to-toe with the bad guys’ methods, frequency, and vectors of attack. And rather than starting with solutions and working backwards, we recommend checking out this infographic to take a layered approach, then work…

Spear phishing and classic phishing are not one and the same. Discover how spear phishing emails differ from their classic counterparts and how to protect your company from spear phishing scams. Spear phishing and classic phishing email attacks are not one and the same. From a bird’s eye view, they look remarkably similar. That’s because in both types of scams,…

Colonial Pipeline Company recently paid $4.4 million dollars to get its data back after a ransomware attack, rekindling the debate of whether companies should give in to cybercriminals’ demands. Click here to find out why some companies decide to pay the ransom while others do not. 

The California Privacy Rights Act (CPRA), which passed in November 2020, is a comprehensive privacy law that provides significant protections to people who live in California. If your company has more than $25 million in annual revenues and handles the data of California residents, the CPRA will apply to you, regardless of where you’re located. That makes it critical to start getting legal advice and planning your compliance strategy now.   When the CPRA goes into effect on January 1, 2023,…

Many small and midsized businesses (SMBs) are making some basic mistakes when it comes to securing their organizations. Click here to learn three of the most common ones.

Aren’t sure where to start in terms of securing company data on personal devices? Check out this article to learn more about how to protect your company data across all devices.   At Xantrion Inc., we can help protect your company data, no matter where it’s accessed from. Contact our team to learn more.

The California Consumer Privacy Act (CCPA) represents a major advancement in privacy rights for California residents – and a major set of obligations for companies that have customers in the state, regardless of where in the world they are located physically.   Millions of businesses worldwide will be subject to the CCPA. Those subject to the law will be any company…

Phishing attacks are one of the most common security challenges that both individuals and companies face in keeping their information secure. Whether it’s getting access to passwords, credit cards, or other sensitive information, cybercriminals are using email, social media, phone calls, and any form of communication they can to steal valuable data. Click here to learn about five phishing fundamentals…