SSL Certificates: Why Are They Important?

Does your website have a current SSL certificate? You may have noticed a little closed padlock icon next to the domain name of the website you’re visiting. This little lock displays whether or not the website you’re seeing is secure via an SSL certificate. SSL stands for Secure Sockets Layer, a security protocol that creates …

C3PAO Certification Is Coming. Are You Ready?

CMMC Certification Is Coming. Are You Ready?

C3PAO Certification Is Coming. Are You Ready? By 2025, cybercrime is estimated to cause global losses of up to $10.5 trillion annually, affecting various industries such as federal contracting and national defense. The U.S. Department of Defense (DoD) created the Cybersecurity Maturity Model Certification (CMMC) in 2020 to ensure the security of its supply chain. …

Ensuring Security and Compliance

Most organizations tend to focus on becoming compliant rather than being secure. And while meeting client requirements and industry regulations is very important, it does not necessarily guarantee that your organization is secure. If your entire information security program is based on “What must we do to be compliant?”, you’re probably missing some major holes …

Passing Your SOC 2 Audit

How should you prepare for passing your SOC 2 audit? The pressure is on as more and more service providers and service organizations are being asked by clients for a SOC 2 audit report. Are you prepared to demonstrate your commitment to security and privacy to your clients and prospects? Here are 5 things you …

Call Monitoring Compliance

It’s important to analyze and fully understand the areas of risk as the CFPB continues to closely supervise the collections environment and call monitoring compliance. One of the biggest risks to a collection agency is communication with consumers, making the monitoring of calls a very telling practice. An effective call monitoring program is a critical …

PCI DSS Requirements 1 and 2

Questions about PCI DSS Requirements 1 and 2? You’ve come to the right place. As you may know, AISN is a PCI compliant cloud hosting provider. Today, we’re fortunate to reprint highlights from an exclusive online interview sponsored by our valued partner, KirkpatrickPrice. In this interview, KirkpatrickPrice Information Security Auditor Barry Williams responded to some …

PCI DSS: 15 Common PCI Compliance Gaps

15 Common PCI Compliance Gaps

Common PCI compliance gaps? You bet! We can identify 15 of them. The need for enhanced security is becoming more and more obvious every day. As the security landscape changes, the threats to our sensitive data become more serious, and as a result, the controls that we put in place have become stronger. We see a …

Mastering a Risk Assessment

In light of the recent news of the data breach at Anthem Blue Cross/Blue Shield, risk assessment is our theme today. We welcome this guest post from our partner, KirkpatrickPrice… Performing a Risk Assessment is a critical component of any Information Security Program. It’s mandated by several frameworks (SSAE 16, SOC 2, PCI DSS, …

Phase 2 of the HIPAA Audit Program

Did you know that Phase 2 of the HIPAA Audit Program is expected this year? The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has always enforced HIPAA compliance. Recently, they announced plans to proceed with Phase 2 of the HIPAA audit program, a more proactive approach to overseeing HIPAA compliance. …