DFARS In Depth – Part 4: Identification and Authentication

To continue our discussion of the DFARS requirements of NIST Special Publication 800-171, this week we’ll discuss the Identification and Authentication security requirement family.

This requirement family covers how we verify that the users and devices connected to our systems 1) are who they say they are, and 2) should have access to what they’re accessing.

DFARS In Depth – Part 3: Configuration Management

To continue our discussions of the security requirements of DFARS and CMMC, this week we’ll be looking at the fourth security family in NIST SP 800-171: Configuration Management.

Configuration management is a set of practices that ensures that your systems and devices are configured correctly from the start, and that any changes made to their configuration does not affect the security of your systems.

DFARS In Depth – Part 2: Awareness and Auditing

To continue our in-depth discussion of NIST SP 800-171, this week we’ll examine the next two requirement families: Awareness and Training; and Audit and Accountability. These two categories are less technical than the other ones, but they are still vital to protecting your network against threats.

DFARS In Depth – Part 1: Access Control

Recently, we looked at the new DFARS regulation for defense contractors, called the Cybersecurity Maturity Model Certification, and what your business can do to prepare for its implementation. As we mentioned, CMMC will be largely based on NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”. So, starting this week, we will examine each of the 14 security requirement families outlined in SP 800-171, and how your business can implement their requirements successfully, even in a small network.

How Working With an MSP Will Help Your Business

For the past few weeks, we’ve been examining the different roles that make up a well-staffed IT department. But, what if your business isn’t quite at the point where you’re ready to fill all of those positions? That’s where a Managed Service Provider (MSP) comes in.

The Ins and Outs of IT Leadership

In the last few articles, we’ve discussed how to build an effective IT team that will help your business to grow and succeed. But your team will also need effective
leadership -- managers, directors, and executives who can chart a path for your IT department that keeps your business competitive.

How To Staff Your IT Department Strategically

In our last two articles, we covered the various roles that make up an IT department. However, a small or even mid-sized company cannot fill all of these roles immediately. So, the question comes up: As my company grows, how can I strategically fill these IT roles to best utilize the resources I have?

To answer that question, we’ll first examine how IT departments tend to grow organically, and how that can bog down your company with ineffective technical solutions.

The Well-Staffed IT Department – Part 2: Administration

Last week, we started looking into what it takes to fully staff an IT department. We covered some operational roles, such as help desk, engineering, and security compliance. In this article, we’re going to get into some more advanced roles, which you’ll need once your organization and IT team are ready to grow.