Your Guide to FedRAMP, FISMA and NIST

The federal government processes large amounts of important data daily, which is why it is vital for government organizations to understand and undergo federal assessments such as FedRAMP, FISMA, NIST and NIST SP 800-171.

How A-LIGN Helped Cloudreach Become PCI DSS Compliant

It is essential for any organization that processes, stores or transmits credit card data to be compliant with the Payment Card Industry Data Security Standard (PCI DSS)—and as the world’s largest cloud-native company, Cloudreach certainly falls within these parameters.


How A-LIGN Helped vXchnge Achieve Data Center Compliance

Data center compliance is important for organizations that manage confidential customer data, given the sensitivity of the information disclosed and the fact that today’s hackers are not easily deterred.


Take An In-Depth Look at the SOC 2 Examination Process

Understanding the purpose and examination process of a SOC 2 audit can be confusing for first-time users and experienced customers alike. A simple Google search can give you the basics of a SOC 2 audit, but that generalized knowledge is only the beginning.


Which Compliance Audit is Right for Me?

When it comes to compliance audits, one should never follow the “one-size-fits-all” mentality. The type of audit you need often depends on your organization’s industry, specific client requests or type of data stored.

How to Know if an MSP is PCI DSS Compliant

Managed service providers (MSPs) provide a valuable service by outsourcing information technology services, but they need to be compliant with the Payment Card Industry Data Security Standard (PCI DSS) – and just because they say they’re PCI DSS compliant doesn’t mean they’re a good fit. Below are our tips to go beyond the PCI DSS logo on an MSP’s website and determine whether they’re truly compliant.


The State of GDPR, One Year Later

Enacted on May 25, 2018, the General Data Protection Regulation (GDPR) shook up the privacy world by enacting some of the strongest consumer protection laws ever seen. Any industry that processes the personal data of European Union residents was affected, and the regulation was designed to force organizations to implement the appropriate processes to manage consumer privacy and build consumer trust.
One year later, we reflect on what’s changed – and where we’re headed in 2019.
