Latest Entries
Posted by Jason Sherrill
Certified Public Accountants handle enormous amounts of sensitive data when working with their business and individual clients, but many CPAs are not aware of the risk that they're subjecting their clients to when they send or receive documents through many common sharing methods today. Let’s look at three of the most common methods by which CPAs unwittingly put customer data at risk.
Posted by Jason Sherrill
This is one of those calls that makes the hair stand up on your neck. A customer calls your service center distressed because she is seeing suspicious looking pop-ups for credit reports, free loans, or unseemly products when she visits your site. She is concerned that your website has been hacked. You have followed good security practices and your trusted security partner has said that there is no malicious code on your website. What could be causing your customer to see this unusual pop-ups touting free credit scores or credit card offers only when she visits your website?
Posted by Jason Sherrill
I work with many new banks and credit unions every month to help them launch new websites, migrate websites into new hosting environments, and help put DDoS mitigation and other security protections in place. A surprising number of the financial institutions that come to us for help are in a very precarious position with regard to ownership and access to the control mechanisms critical web properties, including their domain registrar account and DNS administration. When time is of the essence, not knowing who holds the keys to these web properties can create significant delays in getting services transferred or restored. If you’re a bank or credit union executive responsible for managing disaster recovery or information security risks, you should set aside some time today to ensure that you know who manages these three important assets.
Posted by Jason Sherrill
A Delivered Secure user recently asked what the External IP Address and Browser UserAgent String values are that we provided in an email notification when someone picks up a file you’ve sent. These two pieces of information help to form an audit trail and provide the sender of the secure message a level of validation that that person who received the files is intended recipient. Are there any security risks associated with highlighting this already public information? Let’s explore that question further.
Posted by Jason Sherrill
Usually the first question prospective clients hope I can answer quickly is, “How much is this going to cost?” That’s a reasonable question, but unless you know exactly what you want and can provide detailed specifications to your development team, you're not likely to receive an estimate with high degree of accuracy. In most situations, you'll achieve a better outcome by sharing your budget amount with a trustworthy partner and asking, "I have X dollars available for this project. How can I best maximize my value in this project?"