Higher costs, lower productivity, and legal issues are just some of the risks a company can be exposed to by simply surfing the web. Malware, formally known as malicious software, is the most omnipresent agent of chaos when it comes to web-based offensive content. Whether your company is a small, medium, or large sized business, it can be particularly helpful to install software that combats malicious content automatically.

People often consider the only threat against their computers to be a virus. This is common misconception that often leads to detrimental system damage. A virus, in fact, is a specific threat that falls into the broad category of malicious software, or malware. Malware is used to disrupt computer operations, gather privileged information, and gain unauthorized access by hackers and frauds. Here are a few items that you might not know, but should learn to differentiate when it comes to malware.

I recently stumbled across an article describing data loss horror stories from 2011. The most disastrous occurrence described a server being struck by lightning, subsequently set on fire, and incurring water damage from the fire department’s attempt to extinguish the fire. Amazingly, the provider was able to recover all of the data from the charred servers because the company had their data backed up through a cloud service as part of their disaster recovery. Unfortunately, not everyone has a back up recovery plan or is subscribed to a cloud provider who can restore data after such a detrimental disaster. Choosing the right provider who offers the right services is a matter of patience, rationale, meticulousness, and a little bit of common sense.

When it comes to cloud security, one of the most popular features offered by providers is security auditing.  Security audits are what a provider uses as a method of inspecting and maintaining a company’s internal controls, which consist of policies, procedures, and safeguards. The renowned audit, SAS 70 type II, was conceived in 1992 and has since evolved to form SSAE 16. Though both of these audits are commonplace in the security realm, like most other features they do not come without disadvantages that need to be addressed and weighed against advantages by the person or company utilizing the audits.

On March 1, 2012, Massachusetts General Law Chapter 93H and its new regulations 201 CMR 17.00 final procedure went into effect – the provision of which included 3^rd party vendors.

This law, at its most basic premise, protects Massachusetts residents against identity theft and fraud. While the ruling may seem almost obvious and even stir some déjà vu, it’s probably because the law was actually put into practice on March 1, 2010 and similar laws have already been perpetuated in California, Maryland, Nevada, Oregon, and Texas. This final step in the new law was for contracts entered into before the 2010 date that were grandfathered in. The March 1^st, 2012 date completely nullified any grandfathered contracts.   Now, ALL companies or persons in Massachusetts who store or use personal information about Massachusetts residents must have created a written and regularly internally audited plan to protect a Massachusetts’s customer or user’s personal information that includes additional WISPs from third party vendors who also have the ability to see personal information.