Effective Solutions Through Partnership

Category Archives: Information Security

Sacramento ARMA Records Knowledge Conference Event Recap

Conferences, Cyber Security, Data Management, Government, Information Security, Information Technology, Innovation in the Public Sector, IT Modernization, IT Security, KAI Partners, Public Sector, Ransomware, Risk Assessment, Sacramento, Technology

By Jamal Hartenstein, JD, CISSP, CGEIT, PMP

The Greater Sacramento Capitol Chapter of ARMA recently held its annual Records Knowledge Conference, which brought together records managers from city, county, and state clerk offices.

According to our local ARMA chapter, ARMA is dedicated to providing education and resources to those in the Records Management and Information Governance fields. They are committed to enhancing Records Management and Information Governance professionals through training, networking, leadership, and outreach.

The conference attendees brought a sense of eagerness to learn and share—ARMA chapter leadership gave event attendees a special opportunity to hear from world-class speakers—including and a lead researcher on the IBM Watson project, Dr. Ashish Kundu—on some of the most important and cutting-edge topics.

Along with a formidable group CEOs, I was honored to be asked to speak about Cybersecurity Threats to Information Governance. Highlights of the event and major takeaways included:

  • Understanding what data you have, who accesses it, and where it goes is paramount.
  • Conflicts among document retention policies, industry best practices, and laws suggest that we seek out and use the highest common denominator.
  • Trending topics and buzzwords the government sector include players like Smart Communities, Artificial Intelligence (AI), Digital ID, Blockchain, NIST, and the KAI Partners approach to security assessments.
  • Data Migrations are underway. Records Managers who respond to Freedom of Information Act (FOIA) requests for public records or subpoena must deliver records formats adhering to general business practices, which may be legacy.
  • Regarding Third Party Risk Management (TPRM), cloud services, and Business Associate Agreements, liability points back to the data controller regardless of contracts with data processors or third parties.
  • Mobile device management and data/device ownership remain a point of contention and confusion during public record requests.
  • Innovation is forcing a cultural shift in workforce demands and understandings of emerging technologies.
  • Artificial Intelligence (AI) solutions can be used to categorize and classify data, performing some of the tasks of current Data Custodians and Data Owners.
  • While AI may not replace Records Managers, Records Managers who understand and embrace AI will inevitably replace those who do not.

Public sector IT innovation and modernization means systems and processes change rapidly. One example of this is California Assembly Bill 2658, recently signed into law by the governor. This new law updates the definition of an Electronic Record to include blockchain and smart contracts as legally recognized records. It sends a clear signal that digital records management, particularly blockchain technology and smart contracts, are priorities for a more innovative and dynamic public sector.

This new law impacts public records requests because entries logged in public agency-owned private blockchains are electronic records. These records are susceptible to the Freedom of Information Act (FOIA). Records Managers may benefit from technology that makes the identification and delivery of public records to requestors easier. It may also create convenience for those exercising Public Records Act (PRA) requests. It’s a double-edged sword; it streamlines the processes but increases PRA volume at the same time.

The discussion of the California blockchain law was one most important topics discussed at the ARMA event. Another popular topic was IT Security Assessments.

The urgency in public sector data governance and records management is an incredible opportunity to embed IT security controls for the public sector personnel working at the heart of the ever-expanding challenges.

KAI Partners performs security assessments to address the multitude of challenges facing the public sector. Our assessments help ensure secure and efficient delivery systems where the organizational objectives align with the development of strategic plans and programs. In addition, KAI Partners’ training division—KAIP Academy—works to address technical skills gaps. Our training courses include ITIL, Project Management, Agile/Scrum, and more.

Were you at the ARMA Conference? What were your biggest takeaways about public sector innovation?

About the Author: IT Security Program Manager at KAI Partners, Jamal Hartenstein is a cybersecurity legal expert who has helped some of the country’s largest financial institutions, healthcare companies, and federal agencies develop their IT Security Roadmap programs. In his current role, Jamal provides guidance to executive staff and security professionals on laws, frameworks, and policies that help shape their strategic plan, and helps organizations innovate safely and securely. Prior to working for KAI Partners, Jamal served as an Electronic Warfare Sergeant in the U.S. Army Military Intelligence Corps, where he was a steward for Defense Information Systems Agency (DISA) framework. He earned his undergraduate degree from Georgia Military College and his Juris Doctorate from University of the Pacific, McGeorge School of Law in California.

Why you need IT Security Services

Cyber Security, Information Security, Information Technology, IT Security, Project Management, Project Management Professional (PMP), Public Sector, Ransomware, Risk Assessment, Sacramento, Technology

By Jamal Hartenstein, JD, CISSP, CGEIT, PMP

If organizations don’t have IT Security governance, risk management, and compliance measures in place, they are susceptible to breach, dissemination of data, or regulatory violations that can cripple the organization.

Case in point: The California Attorney General’s office filed a legal claim against an airline company for not having a privacy policy for their smart-phone app.

A regulatory violation (i.e., if an organization does not meet deadlines for disclosures) can mean legal penalties. Enterprises without an IT Security Strategic Plan are poorly suited to assess and manage IT related risks, in alignment with business objectives.

In any of these events, consequences include brand/reputational damages, increased cybersecurity insurance premiums, legal fees, and injunctions.

In addition to those risks, there’s a regulatory component to IT Security—the state of California mandates periodic risk assessments for public sector groups at the state, county, and city levels. To keep up with ever-changing mandates and to successfully meet regulatory mandates, you might need Strategic Risk Management Planning.

So, where do you begin to start this planning and make sure your organization is protected?

KAI Partners is your one-stop shop for IT Security services.

Whether public sector, private sector, non-profit, or small business, KAI Partners can offer IT Security services that allow your organization to operate and innovate safely.

Our IT Security services help ensure that the software, hardware, and policies you implement not only protect your organization, but also mitigate the threat of catastrophic litigation.

Members of the KAI Partners IT Security team hold credentials in Certified Information System Security Professional (CISSP), Project Management Professional (PMP)®, Certified ScrumMaster®, Certified in the Governance of Enterprise Information Technology (CGEIT), CompTIA Security+, Network+, Project+, A+, Microsoft Certified Professional (MCP), and more.

KAI Partners works together with Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, IT Security Managers, vendors, and other strategic partners to help your organization create and implement a comprehensive IT Security plan.

Some of KAI Partners’ IT Security services include:

  1. Strategic Planning Development, aligned with IT Security Roadmap Program planning
  2. Security Operations and Subject Matter Expert Staff Augmentation
  3. Independent Security Assessments
  4. IT Security Governance, Risk Management, and Compliance (GRC)

Legislation, regulations, and policy shape the way organizations conduct business today. The laws have a hard time keeping up with technology—and technology has a hard time keeping up with threats. KAI Partners can help you create and implement IT Security practices that are unique to your business objectives and help protect the privacy of your organization.

Interested in learning more about how KAI Partners’ IT Security services can help your organization stay safe and compliant? Contact us today!

About the Author: IT Security Director at KAI Partners, Jamal Hartenstein is a cybersecurity legal expert who has helped some of the country’s largest financial institutions, healthcare companies, and federal agencies develop their IT Security Roadmap programs. In his current role, Jamal provides guidance to executive staff and security professionals on laws, frameworks, and policies that help shape their strategic plan, and helps organizations innovate safely and securely. Prior to working for KAI Partners, Jamal served as an Electronic Warfare Sergeant in the U.S. Army Military Intelligence Corps, where he was a steward for Defense Information Systems Agency (DISA) framework. He earned his undergraduate degree from Georgia Military College and his Juris Doctorate from University of the Pacific, McGeorge School of Law in California.

What IF Conference Recap

Alpen Technology Group, Community Service, Conferences, Event Recap, Healthcare, Information Security, Information Technology, Sacramento, Sacramento Steps Forward, Systems Engineer, Technology, WEAVE, What IF Conference


Photo Credit: Impact Foundry/What IF Conference

By David Baker, CSM

I recently attended the What IF Conference along with a KAI Partners colleague. This event was sponsored by the Impact Foundry and took place at the McClellan Conference Center.

The sold-out event brought together non-profits and service providers from across the region to network and share best practices.

This year’s theme focused on creating sustainable community change, which demands increased collaboration across the non-profit community and increased investment by funders.

Dan Pallotta, a renowned public speaker whose TED Talk is the most viewed in the history of the series, served as Keynote. His presentation brought to light the hypocrisy of society’s expectations of non-profits’ effectiveness and impact while limiting their ability to fundraise, increase overhead costs in order to scale, and attract talent by offering competitive salaries not common in the corporate world (where salaries are inflated and impact is questionable).

As an IT Professional who provides Managed IT Services to small businesses and non-profit organizations, it was interesting to me to learn that IT is low on the priority list of non-profits and yet can yield the most value and ROI.

The What IF Conference provided an excellent opportunity to meet non-profit leaders and discuss the benefits of IT and how it can help them meet their goals. For example, a smooth-running IT infrastructure can help non-profits serve the community faster and more efficiently by:

  • Establishing network uptime, so clients can always reach you;
  • Keeping computers updated with the latest Microsoft patches so employees don’t lose productivity due to a slow computer; and
  • Increasing network security to prevent network breaches or virus attacks.

One panel that focused on the value of IT was Mini City, a start-up based in Atlanta, Georgia, that provides a platform dedicated to serving the homeless population in the area.

Mini City is technology-driven and is a great example of how technology can help non-profits and their customers. To date, Mini City has secured 500 Near Field Communication-enabled wristbands. Like Fitbit, this is wearable technology and serves as an identification tool for homeless residents and a connection to services at no charge to them. I thought it was awesome to see how technology is used to help the homeless.

In our local region, KAI Partners staff have participated in the Sacramento Steps Forward Homeless Point-In-Time (PIT) counts, which helped gain a better understanding of the structure and data recuperated during an event like the PIT count. We also support key healthcare services through our work with healthcare-focused state agencies, and support non-profits like WEAVE to be more productive and effectively serve their community through our managed IT and consulting services.

KAI Partners strives to support systems with our IT and consulting services so that we can assure our vulnerable communities are getting the most from the talented non-profit staff who work tirelessly to provide services to them.

About the Author: Mr. Baker has 11 years of experience in IT ranging from help desk to network/systems engineer and working with different technologies such as Cisco, SonicWALL, Dell, VMware, and Microsoft. Mr. Baker currently works for KAI Partners as a Systems Engineer, helping clients meet their IT needs. For fun, Mr. Baker enjoys enjoy BBQing, photography, and fitness.

KAI Partners is Hiring!

Agile, Business Analysis, Certified ScrumMaster (CSM), Hiring, Human Resources, Information Security, Information Technology, KAI Partners, Onboarding, Organizational Change Management (OCM), Sacramento, Scrum, Technology, Training

KAI Partners is excited to hire for a number of positions in the Sacramento area! Interested in joining our team? Take a look at the following positions for which we are currently hiring!

Financial Analyst

The Financial Analyst should have a strong understanding of the California state budget, as well as experience analyzing California’s fiscal policy. Financial Analyst responsibilities could include, but are not limited to, the following:

  • Prepare, review and distribute regular financial reports for oversight agencies and other stakeholders;
  • Provide financial analysis for project planning efforts; and
  • Track overall budgets and expenditures across multiple projects.

Click here apply for the Financial Analyst position.

Information Security Specialist

With a Bachelor’s Degree in IT/MIS, IT Security or Engineering related field and CISA and/or CISSP certification, the Information Security Specialist will provide services including, but not limited to, the following:

  • Assessing the privacy, confidentiality and security needs;
  • Developing a high-level Security Plan;
  • Conducting a wireless security assessment and threat assessment; and
  • Reviewing and analyzing current audit findings and incorporating the results into a target plan and roadmap.

Click here apply for the Information Security Specialist position.

Technical Lead

The Technical Lead must have a Bachelor’s degree in IT/MIS, IT Security or Engineering, or a related field. In addition to other requirements, this role requires three years’ experience in reviewing and developing security policy and implementation plans, three years’ experience in analysis and documentation of IT security findings, and experience and knowledge with State and Federal laws related to data privacy.

Click here to apply for the Technical Lead role.

But wait, there’s more!

Here are some other Sacramento-area positions for KAI Partners is currently hiring:

We look forward to receiving your application today! Any questions about the above positions? Email recruitment@kaipartners.com.

KAI Partners Staff Profile: The Systems Engineer

Alpen Technology Group, Information Security, Information Technology, KAI Partners, KAI Partners Staff Profile, Managed IT Services, Sacramento, Small Business, Startup Company, Systems Engineer, Technology

There are many paths to success and while not everyone takes the same path, we often manage to arrive at the same destination. In our KAI Partners Staff Profile series, we share interviews and insight from some of our own employees here at KAI Partners. Our staff brings a diversity in education, professional, and life experience, all of which demonstrate that the traditional route is not necessarily the one that must be traveled in order to achieve success.

Today, we bring you the journey of David Baker, a Systems Engineer with our managed IT services division, Alpen Technology Group. Alpen Technology Group provides organizations the benefits of an internal IT department at a fraction of the cost of staffing one themselves.

The role of the Systems Engineer within IT services is critical. On any given day, Mr. Baker’s responsibilities include troubleshooting advanced security technologies such as Single sign-on and Multi-factor Authentication, managing IT initiatives, collaborating with clients, providing strategic advice on using technology to achieve goals and objectives, supporting new technology implementation, training users, and more.

Today we’re excited to share more about Mr. Baker’s Managed IT background and his current role.

KAI Partners, Inc.: How did you get into your line of work?

David Baker: My troubleshooting skills caught the attention of an instructor of mine who had just started a software training/consulting firm. He was impressed at my ability troubleshoot and reconstruct the computer. He was also looking for someone who loved computers and tech. I was able to work summer days and nights while going to school and increasing my technical knowledge. IT was fun, and I love playing video games, so it led down this road.

KAI: Are there any certifications or trainings you’ve gone through that have helped in your career?

DB: I have a certification through Microsoft—the Microsoft Certified IT Professional (MCITP)—as well as CompTIA’s Network+ and A+. I am also currently working on a certification with Amazon Web Services.

KAI: What is your favorite part about your line of work and why?

DB: My favorite part about my line of work is creating new networks for clients. \ Completing a project gives me a sense of satisfaction. I take pride in knowing that I have created something that will help a client meet their goals.

KAI: What is one of the most common question you receive from clients and what counsel or advice do you give them?

DB: The most common question I get from clients is how we can save money on IT. I tell them let’s look at your environment and streamline it. For example, I once moved a client from physical servers to a virtual environment, which saved them money on cooling and electricity use.

Now that we’ve learned more about David’s Systems Engineer work, here’s a little more about him!

Quick Q&A with David:

Daily, must-visit website:  www.techcrunch.com

Preferred genre of music: Blues

Best professional advice received: Never give a firm time to resolve an issue in IT. You do not want to set an expectation that you cannot meet due to Murphy’s Law or other outside factors.

Book you can read repeatedly: “Who Moved My Cheese?”

Most-recent binge-watched show: Dear White People

About David: Mr. Baker has 11 years of experience in IT ranging from help desk to network/systems engineer and working with different technologies such as Cisco, SonicWALL, Dell, VMware, and Microsoft. Mr. Baker currently works for KAI Partners as a Systems Engineer, helping clients meet their IT needs. For fun, Mr. Baker enjoys enjoy BBQing, photography, and fitness.

Interested in learning more about how David and the Alpen Technology Group can help your organization? Call 916-465-8065!

next page »