Sales Methodology

So you think you are good at sales? Do you say you can sell fire to the Devil or ice to Eskimos? Sure maybe you have a great personality, you shoot from the hip and a majority of the time you have no problems getting a meeting, maybe you pitch your product, maybe potential customers…

Working Sessions

Meetings, some of us are plagued by them, we have too many back to back meetings in a day to accomplish anything. Some meetings your contribution is limited or very small, and some meetings your part is the center of the entire meeting. In my personal experience and through my vast experience with attending meetings,…

NIST 800 -171 3.1.7

Prevent non-privileged users from executing privileged functions and audit the execution of such functions. Here is where the separation of admin accounts and non-admin accounts helps you with this control. Don’t allow the non-admin accounts to have any access or ability to perform any commands that a privileged account will create. If you follow the…

NIST 800 – 171 3.1.6

Use non-privileged accounts or roles when accessing nonsecurity functions. The object of this control is to set up an admin-account and a non-admin-account for privileged access and no-privileged access. This control seeks to separate admin accounts from non-admin accounts and what actions are performed by each. The best way to go about this is to…

NIST 800 -171 3.1.5

Employ the principle of least privilege, including for specific security functions and privileged accounts. What is the principle of least privilege? It is when you give a person’s account the bare minimum of permissions and capabilities they need to do their job. You basically lock their account down to the point that they can’t access…

Compliance risk man in the computer

NIST 800 -171 3.1.4

Separate the duties of individuals to reduce the risk of malevolent activity without collusion Malevolent Activity is when someone is trying to inflict harm on an entity like a person, government or company. Organizations must separate CUI handling and processing based tasks that employees work on in order to minimize the chance that they could…

NIST 800 – 171 3.1.3

3.1.3 Control the flow of CUI in accordance with approved authorizations CUI is Controlled Unclassified Information. This is the data that needs to be protected and you need to protect how it arrives, who has access to it, who might have access to where it is stored, how it is stored, etc. You need to…