RiskKey Support Blog

Using Tags just got easier…

2008-12-16T21:27:04Z

We introduced tagging into RiskKey as a way for each member to decide the best way to label and categorize their risk items. I mean, who knows your risks better than you?

While adding tags to an item has been fairly straight forward from day 1, actually using those tags to find items hasn’t exactly been the most user friendly process. (In fact, it’s been public enemy #1 on the internal list for quite some time.) The little tiny links in the sidebar were just too hard to sift through, especially in a large project.

<a href="http://www.flickr.com/photo_zoom.gne?id=1450598914&size=o" title="Photo Sharing"><img src="http://farm2.static.flickr.com/1021/1450598914_06582e8f3b_t.jpg" alt="RK_Tagging_Old_2" height="100" width="42" /></a>
<small>(old tag filter = no fun)</small>

Last week Brad and I talked about how to improve this pain point and I’m very happy to show off the new implementation. The next three images should give you an idea of what we came up with.

First, just a small link under the search filter to get you started

Next, the top 20 tags, with the ones used most often, in bigger and bolder fonts.

Finally, an option to see all the tags. While we don’t expect this option to be used much, it still offers a significant improvement over the old way.

That’s the latest from the office of improvements. Let us know if you have an ideas to make RiskKey better.

RiskKey Improvements: I feel the need, the need for Speed!

2007-06-21T15:07:44Z

Last year, when Brad and I set out to re-build RiskKey from the ground up, performance was one of our top priorities. “50 Assessments in 5 minutes!” That was our battle cry. The goal we rallied around. And when we launched the “New and Improved” RiskKey on May 4th, we had met our goal….kind of.

RK was optimized to do most of the work from the “Assessments List” page. However there was ~~some~~ alot of feedback that many pages we thought would be used rarely, were getting heavy daily use. (A lot of this feedback came from our very own guys. We use RK daily and we are pretty tough on it!) So I opened the hood and starting digging around.

The results of my digging are two improvements that I believe are huge helps. The first is an overall speed improvement. You can expect RK to be running 5 times faster today than when we launched!

In addition, we have adding paging to the “Assessments List” page. While many of you may not need it on the Free Account, for our power users with many items per assessment (we average about 200) this is a huge improvement. It not only allows pages to be loaded faster, but also allows to you quickly know where you are within a given page.

That’s the update from the “nerdery” department. As always, catch us on the forums!

-Mark

Forum is Down :(

2007-06-12T18:49:01Z

UPDATE: Forum is back up and running. Thanks for hanging in there!

The forum at forum.riskkey.com has been down this morning and may be down for another hour or two. If there was anything I could do to fix it I would, but unfortunately it is an issue with our hosting company. They assure me they are working hard to get it fixed.

Since the forum is down, I’m going to open up the RiskKey Campfire Chat again in case you want to stop by. How do you get to this magical place? Just log into your RiskKey account and there will be a message on the Dashboard with a link.

I’ll update this post when the forum is back up. Until then, see you around the Campfire.

[tags]riskkey, risk assessment, forum, campfire[/tags]

We want to hear from you!

2007-06-05T18:18:29Z

Hey everyone,

We have been real excited about the progress out little app is making and the amount of sign-ups were are seeing. It makes us happy to see people can use our product to make their lives easier. We also wanted to mention that we have a few new features coming in the near future. Stay tuned for that!

In the mean time, if there are any features that you would like to see in the RiskKey go to the forums section and sound off! We want your help to make this app even better for everybody!

Thanks everybody,

Brad

Feedback Friday

2007-05-11T15:34:53Z

It’s only been a week since the launch of our new version of RiskKey, but already we are seeing a great response. We have heard from a few of our members about improvements and ideas and we would love to hear more.

So today we announce “Feedback Friday”, an effort to make ourselves more available to you in order to get your RiskKey feedback.

So here’s the rundown for Feedback Friday May 11: (All times US Central Time Zone)

11am - Noon: Campfire Chat
Login to your RiskKey account between 11 and Noon (US Central) and you will see a link to our Campfire Chat. Don’t have a RiskKey account? Get one now…they start pretty cheap…as in FREE!

All Day: Forum Frenzy
Visit forum.riskkey.com to get started. We’ll have one eye on the forum all day and should be quick to respond to any questions, ideas, and input.

That’s what we’ve got lined up for the initial installment of Feedback Friday. We hope you can stop by and let us know how to make RiskKey better. (We can also talk about tons of other things…I mean it is Friday!)

Don’t know what Campfire is? It’s our favorite web-based chat solution by the guys at 37signals. It’s what we use to keep in touch during the day and we wouldn’t have it any other way.

[tags]riskkey, feedback, transparency, risk assessment[/tags]

Launch-a-licious

2007-05-04T06:10:11Z

It’s almost 1am, but I just couldn’t wait to tell the world that RiskKey 2.0 is now LIVE! I’d love to just go on and on about the great new stuff in this release, but I would much rather have you check it out for yourself.

Head on over to the signup & pricing page to take a look at the plans. They start as low as Free (that’s pretty cheap) and you can be up and running with your first Project in under 5 minutes.

What are you waiting for? It’s time for some Risk Assessment Made Easy!

(Also…feel free to visit the Support Site or the Forums for more RK info!)

RiskKey Launch | Coming soon.

2007-04-29T05:04:00Z

We are very excited to announce the launch of our newest version of RiskKey coming next week. As you can see from the website, we are already updating everything and just need to open the flood gates for everyone. We still have a few things we wanted to make sure that were working great before opening it up for everybody. Thanks for everybody’s patience and we promise not to disappoint!!!

- Brad Garland

News from our parent company, The Garland Group

2007-04-24T15:01:46Z

Please refer to The Garland Group Blog for the latest announcement regarding major expansion to our services business. Happy April fools day!

[tags]The Garland Group, announcements, April fools day[/tags]

Strategic Security: Risk Assessment

2007-03-21T20:38:40Z

Courtesy of Network Computing

JUNE 7, 2006 | McDonald’s founder Ray Kroc once said, “If you’re not a risk taker, you should get the hell out of business.” Today, technology provides golden opportunities that would amaze yesterday’s entrepreneurs. The flip side is that companies willing to take the leaps necessary to thrive in a competitive global economy expose themselves to hazards unheard of even 10 years ago. To survive, enterprises must continually use risk-assessment methods. Otherwise, they could unwillingly follow the second half of Kroc’s advice.

Specifically, IT professionals can’t limit their risk assessment to IT networks and computers. Physical security must be considered, as well as employees: People aren’t just a company’s most valuable asset, they’re also the easiest to compromise. Risk-assessment practices must be codified within your organization through policies, standards and guidelines.

A Neverending Process

Risk assessment, which we define as the process of identifying factors that can negatively influence operations and an executive’s ability to make informed choices, has been around for years as a means of gauging the status of a company’s assets versus potential risks. Like most activities in business, it focuses primarily on the bottom line. An infosec professional’s role in risk assessment is to determine the cost to the organization if particular vulnerabilities are exploited.

The risk-assessment process can be anything from a quick walk-through and analysis of known hazards–in the case of a small business–to a lengthy process involving multiple teams and consultants. But one thing is always true: Risk assessment must be revisited at least twice a year to ensure that new dangers are not overlooked and old risks are managed effectively. Additionally, security policies must be reviewed and updated continually to account for changes in business methods and processes.

The first step is to know your organization’s view of, and tolerance for, risk. In addition, note that requirements to manage, mitigate and eliminate risk no longer depend only on your company’s tolerance level. Uncle Sam has gotten into the act, and risk assessment is intertwined with an ever-growing set of regulations that mandate or “strongly recommended” specific risk-management methods. Make the regulations that apply to your company part of your vocabulary, if they aren’t already.

Are you in a business that escapes most regulatory oversight? Undertake risk assessment anyway. All too often, IT pros who should know better function in an “It won’t happen to us” mindset. When “it” does happen, we’re caught off guard. There’s a reason police officers take target practice, even though they may never draw their weapons. Wait until a crisis hits to plan, and your ability to react effectively will be impaired. Look at the daily news reports about organizations experiencing loss due to attacks against systems with known vulnerabilities–even a half-hearted risk-management effort would have caught these basic vulnerabilities.

Risk assessment comprises asset identification and evaluation, threat and vulnerability identification, control identification, determination of the likelihood of a threat, impact on the CIA (confidentiality, integrity and availability) of an asset, risk determination, control recommendation, and documentation and policy. These steps may be consolidated or compressed, as long as they’re all present.

[tags]risk assessment, strategic planning, management[/tags]

Risk Assessment | It doesn’t have to be rocket science

2007-03-21T20:38:54Z

I come across a variety of different articles, websites, and seminars with people trying to explain how risk assessments are “supposed” to work. They go into great detail about all the different types of risk you have to consider, the calculations required, the detailed analysis, etc. IT’S EXHAUSTING!

It doesn’t have to be that hard.

People that work in the banking industry already know how ‘thin’ staffing levels are and how little time everyone has each work day. So why not create a risk assessment product that is simple to use and can help your institution improve? We’ve worked hard on making our application straight forward to allow institutions to create a bank-wide risk assessment without all the worrying of the calculations. For an assessment, the concept is simple: (Your threats - the safeguards you have in place) = The Overall Risk.

Some people try too hard to make something as subjective as risk into an difficult mathematical equation when there is no need. It can be easy.

[tags]risk management, risk assessment, threats, safeguards, banking, credit unions[/tags]