Resources

Amid growing threats of cyberattack, companies are requiring both password protocols and two-factor authentication (2FA). Some of today’s more popular methods include answering secret questions, using biometrics such as a fingerprint, or entering a one-time authentication code (OTP) sent to your phone via SMS text. But as the popular site Reddit recently found out the […]

If your company deals with credit card numbers, patient records, customer information or other sensitive data, the list of compliance standards, federal regulations, and state laws can be very long. And if you’re a healthcare organization? It’s even more complex. What is HIPAA? Probably the most well-known compliance standard is the Health Insurance Portability and […]

Creating a sound cybersecurity plan means anticipating likely scenarios that might lead to a breach, and then building a strong defense. It can be complicated, nuanced, and a huge challenge — especially since cybercrime accounted for as much as $2.7 billion in financial losses in 2018. With tech that’s ever-evolving and hackers who will increasingly […]

Time moves fast, and that is especially true in the world of business regulation and compliance. It’s already been a year since GDPR, the European Union’s privacy law, went into effect. It took two years after GDPR was passed by the European Parliament, the Council of the European Union and the European Commission for it […]

To protect your company’s valuable and sensitive data, the best offense is a good defense — a solid cybersecurity strategy that not only keeps data safe but identifies areas of weakness and vulnerability before the bad guys do. This is why penetration testing needs to be part of your cybersecurity strategy. Penetration testing, or “pen […]

A System and Organization Controls (SOC) examination is an independent, third-party assessment of a service organization’s commitment to service and trustworthiness. For any company that intends to outsource a part of its business, such as payroll, record-keeping or IT, it’s a way to vet and gain reasonable assurance that potential service providers are operating under […]

Data security is of paramount importance as technology continues to evolve for businesses of all sizes. Conducting compliance audits on data security on a regular basis is vital, but sometimes the sheer volume of data security compliance audits can result in audit fatigue and in financial losses as well as wasting time. An integrated compliance […]

Data is the lifeblood of the 21st century, and protecting it should be a top priority for everyone who touches it. Data security is also required by law, a deal-maker or breaker for some customers, and a public-interest issue that makes headlines when it fails. If a company is entrusted with sensitive data, enacting the […]

When it comes to protecting privacy and securing data and other sensitive information, healthcare organizations are some of the most scrutinized. They face a huge number of federal regulations, compliance standards and state laws, including HIPAA, HITECH, ISO 27001, PCI DSS, NIST, COBIT, and FTC. For third-party healthcare partners, this makes proving trustworthiness with sensitive […]

System and Organization Controls (SOC) reports enable companies to feel confident that service providers, or potential service providers, are operating in an ethical and compliant manner. No one likes to hear the word audit, but SOC reports establish credibility and trustworthiness for a service provider — a competitive advantage that’s worth both the time and […]