compliance
The Role of Governance, Risk, and Compliance in Modern Cybersecurity Programs
A Comprehensive Guide As with many other fields in technology, cybersecurity is in a constant state of evolution. One often overlooked area is the field of GRC. Governance, Risk, and Compliance (GRC) is a protective structure that aligns IT with an organization’s goals while managing and mitigating risks to the organization. When GRC is combined […]
How ‘Shifting Left’ speeds compliance processes
Automating control monitoring and evidence gathering can ensure compliance throughout the production lifecycle. In the same way that Grammarly helps us write more clearly, a shift left compliance approach helps us boost resilience by embedding checks in the production process, explains Adam Markowitz, CEO, and Co-Founder, Drata. Security policies and compliance requirements frequently hinder efficient […]
Navigating Cloud Security Compliance: Understanding FedRAMP, StateRAMP, and Key Differences
In the ever-evolving landscape of cloud computing, ensuring robust security measures is paramount. Federal and state governments, along with private enterprises, adhere to specific security compliance frameworks to safeguard sensitive data. This article will delve into the differences between FedRAMP, StateRAMP, and general cloud security compliance, shedding light on their unique aspects. 1.FedRAMP (Federal Risk […]
Ensuring HIPAA Compliance on Mobile Devices: A Vital Guide
In today’s digital age, where mobile devices have become an integral part of healthcare delivery and patient management, maintaining the highest standards of data security and privacy is of paramount importance. The Health Insurance Portability and Accountability Act (HIPAA) sets the benchmark for safeguarding sensitive patient information, even in the mobile realm. Let’s delve into […]
PCI COMPLIANCE IN AWS – SIMPLIFIED
This post was originally published by (ISC)² Management. Payment Card Industry Data Security Standards or PCI DSS, are a set of 12 requirements with over 300 controls which apply to any organization which stores, processes or transmits credit card data. Today, I will attempt to add some clarity around PCI compliance within AWS Read more here: https://blog.isc2.org/isc2_blog/2019/10/pci-compliance-in-aws-simplified.html
Making Security and Compliance a Priority in the Cloud
This post was originally published here by gregg rodriguez. Global data breaches hit 1,500 in 2018, based on public disclosures, making security and compliance in the cloud a top priority for enterprises. While cloud computing can quickly expand your capabilities and help you achieve your business goals, it also introduces complexity to securing these new computing environments. Despite the complexity, […]
Cloud requires new approach to security and compliance
This post was originally published here by gregg rodriguez. Public cloud, or Infrastructure as a Service (IaaS), offers an enhanced level of flexibility and scalability with its on-demand unlimited virtual space and abundant server resources. Though as more enterprises rush to reap the benefits of the cloud, they’re facing new challenges in maintaining cloud security […]
Enhanced security and compliance for AWS
This post was originally published here by casey pechan. Navigating the Amazon Web Services (AWS) Shared Responsibility Model can be tricky, but nonetheless it’s critical to understand what security protections AWS provides and what security additions can be sourced in the AWS Marketplace. Hint: we’re in it! Our latest white paper, enhanced security and compliance for Amazon […]
Care Analytics partner webinar: CloudPassage security and compliance
This post was originally published here by casey pechan. Not only is Care Analytics a valued partner of ours, but they provide excellent cloud computing for the healthcare industry. In their latest webinar: Featured partner, CloudPassage security and compliance, we sat down with some of their team to demo and discuss our platform CloudPassage Halo, which Care Analytics […]
5 tips to secure Docker containers for early adopters
This post was originally published here by alok ojha. Linux Containers, such as LXC & Solaris zones, have existed since the mid 2000s. However, containers weren’t widely used outside of large tech companies such as Google until Docker was first released at PyCon in March 2013 followed by the replacement of LXC with libcontainer as the default […]