Security Year in Review

Now that 2016 has come to a close and we have started 2017, I wanted to take a moment to review some of the information security stories from last year, and provide some insight on how you can protect yourself from them in 2017 since those issues are not going away any day soon.

What Is FISMA And FISMA Compliance?

The Federal Information Security Management Act (FISMA) was originally released in December 2002 and established the importance of information security principles and practices within the Federal Government, noting that information security was “critical to the economic and national security interests of the United States.

Understanding the HIPAA Security Rule Regarding Required vs. Addressable Implementation Specifications

Compliance with the requirements of the HIPAA Security Rule starts with understanding how it is constructed. The Security Rule is comprised of security standards and implementation specifications. Each Security Rule standard is a requirement: a covered entity must comply with all of the standards of the Security Rule with respect to the ePHI it creates, transmits or maintains.

Need A SOC Report? How To Know Which One Is Best For Your Service Organization

A SOC (Service Organization Control) report is a report on controls at a service organization related to various types of subject matter, for example: controls that affect user entities’ financial reporting; controls that affect the security, availability, and processing integrity of the systems; or the confidentiality or privacy of the information processed for user entities’ clients.

The Problem With Passwords

The problem with passwords that humans come up with is that people want to create passwords they can easily remember. Most people do this so they don’t have to remember 100 passwords. I get it. Actually, it’s pretty much impossible (unless you have a photographic memory) to remember 100 passwords that are changing at various time intervals for all of the web sites and applications that you have accounts on.

The SOC 2 Privacy Audit

The Privacy Times. Privacy is a daily news topic with staying power as strong as we have ever seen it. Searching for the word “privacy” on any reputable news site will generate articles containing the day’s wide-ranging contributors—from Germany’s data protection authority ordering Google to change its data collection practices; to continued criticism of the U.S. […]