Information Technology and Security Blog
FCI: Safeguarding Requirements for Federal Contract Information
With the recent attention on DFARS 252.204-701, the Cybersecurity Maturity Model Certification, and NIST SP 800-171, you may already be familiar with safeguarding requirements for
What is the Cybersecurity Maturity Model Certification (CMMC)?
With recent breaches of government data, such as Solargate, cybersecurity and safeguarding sensitive information has become more important than ever. Department of Defense’s (DoD) Cybersecurity
DFARS 252.204-7012: What it Means for Defense Contractors
Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 has been the buzz of the defense contracting world over the last three months. While it became a
CUI: Your Guide to Controlled Unclassified Information
You may have been brought here because you are seeking to achieve NIST 800-171 or CMMC compliance. Perhaps this is the first time you have
CMMC: Choosing a CMMC Consultant
With the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) moving full steam ahead, many small and medium businesses are struggling to become compliant.
Section 508: The Importance of PDF ADA Compliance
Any organization that uses PDFs to provide information for employees or clients needs to practice PDF accessibility under Section 508. To implement the proper compliance
What is EN 301 549? EU Web Accessibility Standards Explained
Technology is an important resource, and its use grows every day. It’s part of our home and professional life and everyone deserves to use it
21st Century Integrated Digital Experience Act and What it Means for Government Contracting
The 21st Century Integrated Digital Experience Act – or 21st Century IDEA – was signed into law in December 2018 and requires federal agencies take
Social Engineering: Elicitation and How to Counter It
Most are likely familiar with some forms of social engineering, including phishing scams. But how familiar are you with elicitation and do you know how
CMMC Interim DFARs Rule and What It Means For Your Organization
Contractors that do business with the US Department of Defense have a new cybersecurity standard to achieve. The US Department of Defense recently clarified its
Please Stop Re-Running Failed Automated Tests
A few weeks ago, I got into a semi heated debate with an ex-coworker about re-running automated tests. Specifically, some of his tests failed and
DevOps vs DevSecOps
Agile has been around for almost 20 years, and as such, it has continued to evolve. One of the more interesting things to come out
What is AODA? A Beginner’s Guide to the Accessibility for Ontarians with Disabilities Act
If you aren’t sure what the Accessibility for Ontarians with Disabilities Act (AODA) is, then you need to get up to speed on it quickly.
Web Content Accessibility Guidelines (WCAG) 2.1 Checklist
Complying with W3C’s Web Content Accessibility Guidelines (WCAG) 2.1 can be challenging for anyone, but especially if you are unfamiliar with the guidelines or have
Section 504 of the Rehabilitation Act of 1973
Section 504 of the Rehabilitation Act of 1973 is a civil rights law that prohibits discrimination against individuals with disabilities, specifically within organizations that receive
What Is ADA Compliance and What Does It Mean for Your Website?
Is your website following the ADA compliance standards? In 2010, the United States Department of Justice released specific guidelines for all public organizations to follow to become accessible
Complying With the Web Content Accessibility Guidelines (WCAG) 2.0 – Part 1
In the age of pervasive availability of digital documents, software, hardware, and online services, it is more important than ever to ensure nondiscrimination of users
What’s New in the Web Content Accessibility Guidelines Version 2.2?
On August 11th, 2020, the W3C, Accessibility Guidelines Working Group (AG WG), released a DRAFT version of the Web Content Accessibility Guidelines (WCAG) version 2.2
VPAT – Voluntary Product Accessibility Template
In the world of accessibility, there are many mechanisms used to demonstrate whether a an organization’s Information and Communication Technologies (ICT) are accessible. One of
What is WCAG 2.1 and how is it different from WCAG 2.0?
What is WCAG 2.1? The Web Content Accessibility Guidelines (WCAG) 2.1 is the new standard set out by the World Wide Web Consortium’s (W3C) Web
Test Automation Problems: Unreasonable Expectations
Introduction In my previous post, I gave an overview of how test automation gets a bad rap. Many organizations try, struggle, and ultimately fail at
Top 5 Reasons to Make Your Website Accessible
One of the questions we are commonly asked is, “why should I make my website accessible”? It is a great question and we wanted to
What is Section 508 of the Americans with Disabilities Act?
Section 508 of the Americans with Disabilities Act is a law which requires technology procured or developed by the federal government to be accessible. This
Automated vs Manual Accessibility Testing
Automated Vs. Manual Testing Automated testing tools can be used as a routine part of the accessibility testing process. However, we they cannot be used
Title III of the Americans with Disabilities Act
What is Title III of the Americans with Disabilities Act? Title III of the Americans with Disabilities Act (ADA) prohibits discrimination on the basis of
Problems with Test Automation
Introduction This is the first part in a series of posts I’ll be making, all discussing problems with test automation. Now, I’m not saying test
Test Automation – Agile
The Challenge TestPros’ client, Intersections, is a leading provider of consumer and corporate identity risk management services, with a true Agile development process. The nature
Making Elementor Accordion Accessible
At TestPros, we use WordPress as the content management system for our website. In particular, we use Elementor and in order to assist with designing
NIST 800-171 and DFARS Compliance Services
Unauthorized access and disclosure of government information has become all too common in these times of frequent cyber-attacks. As a result, the government has extended