Monthly Archives: Mar 2017

AIDE – Appalachian Institute Of Digital Evidence

Posted from: AIDE Website

The legal, IT, business, military, and intelligence communities struggle to keep pace with the flood of new technology and to adequately understand the nuances of digital evidence. To serve the public good, practitioners in a variety of disciplines must cooperate and keep current when it comes to technology and the law.

The Appalachian Institute of Digital Evidence is a regional not-for-profit organization dedicated to serving the legal, technical, public sector, and business professionals for whom digital evidence is part and parcel of their work. The AIDE exists to help network administrators, digital forensics practitioners, law enforcement, and legal professionals survive – and even thrive – in the ever-changing landscape where technology and the law meet. Fostering collaboration among practitioners, students, and academics, AIDE aims to improve access to information, develop solutions to practical problems, and narrow the gap between the accessing and use of digital evidence and traditional physical evidence in the law.

Lawyers, judges, digital forensic examiners, network security professionals, and law enforcement personnel are all stakeholders when it comes to digital evidence. AIDE, comprised of three sub-groups (Digital Forensics, Information Security, and Electronic Discovery) is here to serve them.

If digital evidence is a critical part of your profession or field of study, we invite you to join us. AIDE is in its infancy. Help us build a progressive, active, professional organization.

More information about AIDE working groups:

Digital Forensics | Information Security | Electronic Discovery

Josh Brunty, from Marshall University, talks about network forensics at AIDE

Thoughts about Network Security and Policy Accountability

Network Security Definition

What does network security mean? Network security is an over-arching term that describes the policies and procedures implemented by a network administrator to prevent and keep track of unauthorized access, exploitation, modification, or denial of the network and network resources. This means that well-implemented network security blocks viruses, malware, hackers, etc. from accessing or altering secure information.

Health check: The first layer of network security is enforced through a username/password mechanism, which only allows access to authenticated users with customized privileges. Once a user is authenticated and granted specific system access, the configured firewall enforces network policies, that is, which services the user may reach. However, firewalls do not always detect and stop viruses or harmful malware, which may lead to data loss. Anti-virus software or an intrusion prevention system (IPS) is implemented to prevent viruses and other harmful malware from entering the network. Network security is sometimes confused with information security, which has a different scope and relates to data integrity in all forms, print or electronic.

Policies and practices

Companies must adapt to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to the information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs, conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as those within a company, or open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, and it protects and oversees the operations carried out on it. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

Policy and Accountability

When the organization’s policy structure sets clear accountabilities for risk and the compensation system reinforces those accountabilities, there is a positive impact on the organization’s risk awareness and culture. Effectively articulated risk accountabilities lay the groundwork for balancing the entrepreneurial, revenue-generation side of the business and the control, risk oversight side of the business, so that neither one is too disproportionately strong relative to the other. This balance is elusive, which is why a strong foundation of clear accountabilities is vital to any organization.


http://blog.redlion.io/aide-digital-evidence/


HIPAA

Healthcare Providers

As healthcare providers rely more and more on evolving technologies to store and transmit their data, compliance has become an increasingly complex landscape to navigate. Managing the security requirements from federal and state agencies and other third parties can be a daunting task, one that consumes considerable energy, expense, and effort. When you consider that healthcare organizations and their IT vendors must not only achieve compliance but prove that they are a trustworthy resource, it’s obvious that the industry needs a system that is clear, efficient and secure. The basic compliance rule book, of course, comes straight from HIPAA. By now experienced providers are familiar with HIPAA’s baseline of requirements; they must ensure the confidentiality, integrity, and availability of any data they create, receive, maintain, or transmit, while providing reasonable protection against threats. This all sounds reasonable enough until providers dig a little deeper for an actionable roadmap and instead find vague language with a lot of loopholes.

HITRUST

Consider, for instance, HIPAA’s guidelines that allow for considerations such as the size, complexity, and capabilities of the organization, including technical infrastructure, hardware, and software capabilities, costs of security measures, and the probability of potential risks when selecting controls to implement. These guidelines are too elastic to provide specific and reliable direction for providers – nor does following them offer a solid guarantee of data protection. As a result, providers that follow HIPAA requirements are often unsure of what constitutes “reasonable and appropriate” protections. Often they implement controls without reasonable justification – or worse, implement controls that aren’t sufficient. They conduct inadequate risk assessments or skip them entirely. When you consider how many significant fines the OCR issued in 2012, the need for standardized and actionable guidance becomes clear. This is where the Health Information Trust Alliance (HITRUST) comes in.

CSF

Developed by healthcare and IT professionals, the HITRUST Common Security Framework (CSF) helps organizations by providing an efficient and prescriptive framework for managing the security requirements inherent in HIPAA. By integrating the diverse set of existing requirements applicable to agencies and businesses, HITRUST seeks to eliminate the inconsistencies and wasted resources so typical in reporting healthcare compliance. This is not to say that HIPAA is a waste or should be ignored. HITRUST should be seen, rather, as an important, industry-managed approach to meeting HIPAA security rule requirements. HITRUST can offer providers a trusted benchmark from which they can measure and manage their own compliance – while offering proven protection to their customers.

The Value of the HITRUST CSF

When you consider that virtually every healthcare provider has more than just one compliance obligation, the advantages of the HITRUST CSF become clear. By translating HIPAA and HITECH requirements into an actionable roadmap that is cross-referenced to many other security and data privacy regulations, the CSF provides organizations with a prescriptive set of controls that can be used to manage compliance across a broad range of regulatory requirements. This comprehensive approach reduces complexity, risk and cost while protecting sensitive patient and other data.

Standards for Healthcare Providers

With one simplified compliance process, the CSF:

● Incorporates existing, globally recognized standards such as HIPAA, NIST, ISO, PCI, FTC Red Flag and COBIT
● Reduces risk of non-compliance with HIPAA
● Scales according to your organization’s size, type and complexity
● Provides clear, actionable guidelines
● Evolves according to your needs, as well as changes in both the healthcare industry and the regulatory environment

The Benefits of HITRUST Certification

Right now it is virtually impossible to claim that your organization is “certified HIPAA compliant” as no formal process or status exists. Yet HITRUST offers a third-party assessment that verifies your organization has met all of the industry-defined certification requirements of the CSF. What benefits can certification offer you? To start, it can save you considerable time and money when it comes to audits; because the consolidated controls view from the CSF provides visibility into the controls overlap among multiple regulatory requirements, you’ll be able to demonstrate exactly how your controls program is meeting the combined requirements. With one assessment, you can generate multiple reports addressing multiple legislative, regulatory or best practice frameworks such as HIPAA, PCI or NIST. Yet perhaps the most far-reaching and competitive advantage relates to your brand. Consumers today are aware of and concerned by cybercrime and privacy breaches, and most are too cynical to truly believe an organization’s marketing claims of data protection. Yet a third-party attestation – one benchmarked against a recognized controls framework specifically designed to fully address the letter and spirit of HIPAA – can lend your security program both credibility and prestige.

In the End

Once HITRUST CSF Certified, your organization will be able to advertise its compliance and security, with the proof to back it up.

A Foundation for Better Healthcare

When it comes to compliance, the world of healthcare technology can be a complicated place. HITRUST certification simplifies compliance by offering providers a tailored set of controls, founded on the expertise and best practices of leading healthcare and IT experts, for an assumed set of risks and compliance requirements. By helping organizations of all sizes and backgrounds become certified, the CSF ultimately allows providers to spend less time worrying about compliance – and spend more time focused on patient care.

Doors Open

Welcome to Red Lion. Our doors are open!

Today marks the first day that Red Lion is officially open for business. We welcome all companies that need solutions to their security issues. Red Lion is a top-shelf Information Security consulting firm with unprecedented access to the highest caliber hackers the industry has to offer. Our capabilities are listed below.

Our Capabilities

Security Consulting

● Enterprise Architecture Design and Implementation
● Gap Analysis
● Security Systems Development
● Vendor Comparisons
● Hacker resources used

Compliance

● NIST 800-53, ISO 27001/2, EUPS, 800-171, BCP / COOP
● Vulnerability & Penetration Testing
● DIACAP / FISMA / RMF (C&A)
● SOX, PCI, HIPAA, FFIEC, GLBA
● Privacy Impact Assessment (PIA)

Cloud

● Cloud Based Security Audits
● Architecture & Design of systems
● Penetration Testing
● Cloud Compliance
● Cost Savings Methodologies
● AWS, Azure, C2S, Oracle

Talent Placement

● Top Caliber Personnel
● Agreeable Rates
● Access to Cleared Personnel
● All stages in Corporate Maturity
● Interns
● Junior to Senior to Executive

Vulnerability

● Automated Service
● Regular Network to ICS/SCADA
● Mitigation Services
● Critical Infrastructure Protection
● Easy to Decipher Reporting
● Focus: Depth over Breadth

Risk Modeling

● Risk, Threat, Vulnerability Mapping
● Asset Discovery and Inventory
● Security and Compliance level set
● Tabletop and onsite exercises
● Multinational Modeling & Mitigation
● Stakeholders Executive Reporting

Identity & Access Management

● Privileged Access Management
● Granular Access Control
● User Attestation to Systems
● Automated provisioning
● Federation extension of systems
● Easy Credential Reset

Policies & Standards Development

● 90,000 Foot view
● Stakeholder involvement
● Fits current business process
● Satisfy Compliance Requirements
● Influence Protection to Employees
● Reduce Risk to the Business

From basic vulnerability scans to compliance validation to full-scope enterprise architecture and security design, we have the right solution to complete your project ON-TIME and ON-BUDGET.