Managed cybersecurity service Bay Area

(510) 272-4701

SUPPORT

CONTACT US

The Latest Cybersecurity Risk Alert from the SEC

Anne Bisagno

37 SECOND READ

On May 23rd, the Office of Compliance Inspections and Examinations (OCIE) released a risk alert clarifying 2019 exam priorities regarding the protection of "network storage devices". 

 

The OCIE is reporting to have found the following deficiencies during recent examinations:

 

  • Misconfigured network storage solutions.
  • Inadequate oversight of vendor-provided network storage solutions.
  • Insufficient data classification policies and procedures.
  •  

The OCIE offers the following guidance to address this risk:

 

  • Policies and procedures designed to support the initial installation, on-going maintenance, and regular review of the network storage solution.
  • Guidelines for security controls and baseline security configuration standards to ensure that each network solution is configured properly.
  • Vendor management policies and procedures that include, among other things, regular implementation of software patches and hardware updates, followed by reviews to ensure that those patches and updates did not unintentionally change, weaken, or otherwise modify the security configuration.

 

Xantrion can help you stay in compliance with services ranging from strategic IT planning to security controls mapped to common compliance frameworks. Contact us for more information.

Ready to learn more? Get the latest Xantrion news and IT tips.

‚ÄčSUBSCRIBE

Like leading SF Bay Area based MSP Xantrion on Facebook Award-Winning Bay Area managed IT service provider Xantrion is on Linkedin Follow top Bay Area MSP Xantrion on Twitter