Network Firewall Security: Are You Compliant or Are You Secure?
Your router and network firewall security were fully compliant with industry and government standards, but does that mean your data is safe and secure?
Ensuring Security and Compliance
Ensuring Security and Compliance Most organizations tend to focus on becoming compliant rather than being secure. And while meeting client requirements and industry regulations is very important, it does not necessarily guarantee that your organization is secure. If your entire information security program is based on “What must we do to be compliant?”, you’re probably…
Passing Your SOC 2 Audit
Passing Your SOC 2 Audit How should you prepare for passing your SOC 2 audit? The pressure is on as more and more service providers and service organizations are being asked by clients for a SOC 2 audit report. Are you prepared to demonstrate your commitment to security and privacy to your clients and…
PCI DSS 3.2 Requirements and What’s New
PCI DSS 3.2 Requirements and What’s New PCI DSS 3.2 includes some changes about which you should know. Many thanks to our auditor, KirkpatrickPrice, for explaining the details to folks via a new webinar. In this special session, Shannon Lane – a QSA, CISSP, and auditor with KirkpatrickPrice – discusses what’s new in PCI DSS…
Becoming PCI Compliant for the First Time
Becoming PCI Compliant for the First Time Becoming PCI compliant for the first time? Becoming PCI compliant can be an overwhelming undertaking if you are unsure of where to start. With approximately 394 controls, this comprehensive data security standard can be a large undertaking that is best tackled with expert assistance. The first step toward…
Penetration Tests Help Avoid a Data Breach
Penetration Tests Penetration tests and vulnerability scans, if performed regularly, will help your organization avoid a costly data breach. Did you know that? So why don’t more companies get on the ball and do this? Nearly every week, we read about a malicious hacker who has penetrated a security gap in an organization’s infrastructure to gain access to loads…
Cost of Downtime
Cost of Downtime Ever calculate the cost of downtime? A major new survey by Veeam Software did, and the results reveal that there’s far more to system downtime than the bracing hard costs. In its fifth annual “Availability Report,” Veeam interviewed 1,140 senior IT staff in 24 countries, including 150 U.S. folks. All of the…
Phase 2 HIPAA Audits Prep
Phase 2 HIPAA Audits Prep Phase 2 HIPAA Audits have officially begun. You may know that the OCR is gathering information to determine which covered entities and business associates will be included in the auditee pool. If you haven’t already prepared for Phase 2 HIPAA Compliance, knowing where to begin may seem a bit overwhelming.…
Creating a Compliance Culture
Wondering how to create a positive compliance culture within your company? We’re here to help companies make managing compliance, well, manageable. We’ve defined the role and responsibilities of the Chief Compliance Officer. We’ve helped delineate what a Compliance Management System (CMS) is all about. We are now here to share the next best kept industry…
Security Awareness Training
Security awareness training for employees is a critical component of compliance and security in your organization. The risk of an employee not understanding the potential security threats facing them as a frontline target could be just the opening that an attacker needs to create a security breach. You are only as strong as your weakest…