Innovative Minds - On Point - One Group  

ISP Blog

This is the blog for MindPoint Group's Information Security & Privacy (ISP) division. We hope to use this to contribute to and debate ideas among the ISP community.
05
Nov
2019

It’s past time we modernized security hardening procedures

By:

Security baseline automation of STIG and CIS controls with Ansible is improving resource management and compliance With an ever-growing workload to accommodate, IT is deploying cloud services and automation to help keep pace with its line-of-business demands. A factory-like mentality towards IT infrastructure operations has allowed businesses to improve upon its SLAs while increasing the

Read More

17
May
2019

MindPoint Group Named One of Washington Business Journal’s 2019 Best Places to Work

By:

When we started MindPoint Group over 10 years ago, the executive team recognized that the key to success lay in our ability to recruit and retain employees. In short, it was all about the people. Our focus was on collaboration, strength, knowledge, and diversity. We treat people with kindness and respect, holding each other accountable. 

Read More

15
May
2019

Even with automation, security baselines like STIG or CIS remain a challenge to manage. But there is hope.

By:

Ever ask a sysadmin what they find most tedious about their job? If they’re being honest, keeping up with security patching and compliance causes the most headaches. Surprised? You shouldn’t be. Patching continues to be a labor-intensive job with dire consequences for misconfigurations that could down a system or expose parts of the environment to

Read More

07
May
2019

Succeeding with FedRAMP: Continuous Monitoring

By:

Introduction So, you’ve received your FedRAMP authorization, either through the Agency ATO or the JAB P-ATO process.  Now what? Unlike other programs, a Cloud Service Provider (CSP) can’t just sit back and relax; there is still a lot of work to be done to maintain that FedRAMP Authorization.  In fact, it can be a daunting task in and

Read More

28
Mar
2019

Using CSPs to Reduce Front-End Attack Vectors

By:

What is a CSP? CSP is an acronym for Content Security Policy. It can be used as a white-list of things the browser can and can’t do with a Web App or Website. A CSP can help prevent content injection vulnerabilities like Cross Site Scripting (XSS) and can be used to mitigate interception attacks like

Read More