Importance of SSL Certificates

SSL Certificates: Why Are They Important?

You may have noticed a little closed padlock icon next to the domain name of the website you’re visiting. This little lock displays whether the website you’re seeing is secure via an SSL certificate. SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted link between a web server and a web …

Ensuring Security and Compliance

Most organizations tend to focus on becoming compliant rather than being secure. And while meeting client requirements and industry regulations is very important, it does not necessarily guarantee that your organization is secure. If your entire information security program is based on “What must we do to be compliant?”, you’re probably missing some major holes …

Passing Your SOC 2 Audit

How should you prepare for passing your SOC 2 audit? The pressure is on as more and more service providers and service organizations are being asked by clients for a SOC 2 audit report. Are you prepared to demonstrate your commitment to security and privacy to your clients and prospects? Here are 5 things you …

Call Monitoring Compliance

It’s important to analyze and fully understand the areas of risk as the CFPB continues to closely supervise the collections environment and call monitoring compliance. One of the biggest risks to a collection agency is communication with consumers, making the monitoring of calls a very telling practice. An effective call monitoring program is a critical …

Understanding PCI DSS Requirements 1 and 2: A Guide for Shared Hosting Providers

If you’re a shared hosting provider or a business using shared hosting, understanding the Payment Card Industry Data Security Standard (PCI DSS) requirements for shared hosting providers is vital to maintaining compliance and protecting sensitive data. In this guide, we’ll summarize insights on PCI Data Security Standard Requirements 1 and 2 and common compliance gaps. …

PCI DSS Gap Analysis: A Complete Guide to Identifying and Closing Compliance Gaps

Meeting PCI DSS requirements starts with understanding where your organization stands today. That’s where a PCI DSS gap analysis comes in. It’s a diagnostic process that pinpoints which controls are already in place, which ones are missing, and what actions are needed to achieve full compliance. If your organization stores, processes, or transmits payment card …

Mastering a Risk Assessment

In light of the recent news of the data breach at Anthem Blue Cross/Blue Shield, risk assessment is our theme today. We welcome this guest post from our partner, KirkpatrickPrice…. Performing a Risk Assessment is a critical component of any Information Security Program. It’s mandated by several frameworks (SSAE 16, SOC 2, PCI DSS, …

HIPAA Audit Programs: What Covered Entities and Business Associates Need to Know

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is continuing its efforts to enforce HIPAA compliance through periodic and proactive audit programs. These audits are designed to assess how well Covered Entities and Business Associates are meeting their obligations under the HIPAA privacy, security, and breach notification standards. With …