The NuHarbor Notice
NuHarbor Security Named to CRN’s Security 100 List
Colchester, VT – February 18, 2019: CRN®, a brand of The Channel Company named NuHarbor Security to its 2020 Managed Service Provider (MSP) 500 list in the Security 100 category. This popular list identifies North American solution providers that deliver operational...
Top Three Breaches of the Last Decade
Unless you’re living in a cave, you’ve provided data to a corporation, and a hacker has probably stolen it. Personal data today is one of the most valuable assets on the planet, which leads organizations to spend enormous resources to collect data. However, those same...
NuHarbor Security Doubles Staff, Moves to Larger Space
Colchester, VT – October 1, 2019: NuHarbor Security, a premier cybersecurity service provider, moved from Essex to Colchester, VT. The move punctuated a year of incredible growth. In 2019, NuHarbor doubled its staff to meet the demand for its services.The new space is...
Exim Server Vulnerabilities
By: Justin Fimlaid What is an Exim server? An Exim server is a mail transfer agent used on Linux like operating systems. Exim is a free software and used by as much as 57% of the Internet email servers. Over the past couple weeks it has been noted that a heavy amount...
What is an ISO 27001 Information Security Management System (ISMS)?
By: Justin Fimlaid What does it mean when ISO 27001 references an ISMS? An ISMS stand for Information Security Management System. This essentially means that it is a programmatic structure that allows you to build a security framework and controls specific to and...
What is a SHA-1 Collision Attack?
By: Justin Fimlaid What is SHA-1 and what is the history of SHA-1? Originally SHA-1 was developed as part of a U.S. government capstone project. The first version of SHA was SHA-0 and that was developed in 1993 as the Secure Hash Standard. SHA-0 was originally...
4 Things To Know About The Ohio Data Protection Act
By: Justin Fimlaid The Ohio Data Protection Act was passed in August of 2018 and went into effect as of November 2018. What's unique about this data protection law is that it's unlike recently passed privacy legislation recently seen in California and Colorado. 1....
Building a Vulnerability Management Program with the End in Mind
By: Justin Fimlaid Thinking about building a vulnerability management program? Unsure where to start? Unclear as to why your program might not be working? For some organizations, thinking about the end goal of the vulnerability management process can help provide...
Quick Start: Tenable IO Architecture
By: Justin Fimlaid Are you looking to build your vulnerability management program using Tenable's products? If so, this is a quick start guide to get orientated with the Tenable.IO suite. What is Tenable IO? Tenable IO is Tenable's cloud scanner or SaaS platform. ...
Tenable IO Sensor Deployment Best Practices
By: Justin Fimlaid Every organization has different needs related to their vulnerability management program. This varies from the scanner used (cloud or on premise), the places where sensors are deployed, the technology environment, and the needs of your vulnerability...
Open Banking Directive and Securing Web Application Vulnerabilities
By: Justin Fimlaid If you haven't heard of it there is a new banking directive in the U.K. called the Open Banking Directive. This directive went into effect on January 13, 2018. It's significant for U.S. based banks, because this Directive could apply pressure...
How does Estonia’s e-Voting work?
By: Justin Fimlaid First things first, if you are interested in elections security have not heard of Estonia's electronic voting system I’d encourage you do some research starting with this blog post. There is a lot to Estonia's e-Government initiative, security is a...
Building a Security Operations Center with Splunk
By: Justin Fimlaid Technology is making it easier to build your own SOC Many organizations are considering building their own security operation center. This desire to do-it-yourself style security operations center marks a change in the industry. There is a variety...
Building on People, Process, and Technology
By: Justin Fimlaid For a long time our industry has been saying that addressing people, process, and technology will solve some of the hardest problems in cybersecurity. The term people, process, and technology fundamentally suggests the destination and solution is...
PCI Data Security Standard 4.0
By: Justin Fimlaid You’ve probably heard the rumors. The PCI Council is prepping to release the PCI Data Security Standard 4.0. To date the actual proposed changes have been kept private to the PCI-SSC stakeholders (so limited viewing). The PCI-SSC stakeholders...