How to Apply SOC 2 Type 2 Trust Services Criteria to Your Business

SOC 2 Type 2 Trust Services Criteria

As a technology-based service organization, undergoing a SOC 2 Type 2 audit may be required by a customer or could be helpful for demonstrating your organization’s capabilities and differentiating your business from competitors. We explained this in our post about SOC audit report basics if you need to know the what, why, who and how […]

SOC Audit Report Basics: The What, Why, Who and How

SOC Audit Report Basics

Companies have learned the hard way that vendor and partner data should be considered when hardening their security program. If your organization provides outsourced services to another company, you may be asked to undergo a SOC audit and provide a report as an important part of a company’s third-party risk management program Learn about the […]

What is HITRUST? Answers to Your HITRUST CSF Questions

What is HITRUST? Answers to HITRUST CSF Questions

Originally focused on healthcare security, HITRUST’s reputation for being the most comprehensive security framework has provided cross-industry popularity. This gain in traction is spurring many organization decision makers to ask the question, “What is HITRUST?” and evaluating if their company should earn HITRUST CSF certification. This article provides a HITRUST overview and answers your HITRUST […]

HITRUST CSF Version 9.4 CMMC and NIST Mapping: What’s New

HITRUST CSF Version 9.4

The HITRUST Alliance recently released HITRUST CSF version 9.4. This iteration of HITRUST v9 further delivers on the organization’s mission to provide “One Framework, One Assessment, Globally” by incorporating and streamlining the largest number of authoritative sources of any security and privacy framework. This article explains the added HITRUST CMMC and NIST mapping aspects of this […]

Achieve Secure Cloud Adoption Using HITRUST

Using HITRUST for Secure Cloud Adoption

Most security teams are accustomed to operating in an environment where they have a high level of access to and control over their network infrastructure. In an on-premises data center, the organization owns and controls their own infrastructure, making it relatively easy to implement required security controls, perform audits, and achieve and maintain regulatory compliance. […]

What You Need to Know About the New NIST Privacy Framework

NIST Privacy Framework

The internet and newly created technologies powered by data being collected from individuals have created many advantages for society. From using Internet of Things (IoT) devices like Alexa or Google Home to connecting with friends and family on social media platforms like Facebook or Instagram, mankind has brought itself to a new frontier. But satisfying […]