The purpose of a Remote Access Policy is to keep your employees productive from anywhere without sacrificing security.
Posts by Category:
- SOC 2
- Identity and Access Management
- Privileged Access Management
- ISO 27001
- Zero Trust
- Role-Based Access Control
- Secure Access Service Edge
In the workstation security policy, you will define rules intended to reduce the risk of data loss/exposure through workstations.
You wouldn’t leave the house without making sure your doors and windows were locked, and that any valuables were hidden or secured in a safe. That way, if you were robbed, the burglar would have a difficult time accessing your most precious assets. In the same way, you need to make sure your organization’s critical data is well protected.
Should you host data on-premise or in the cloud? Who is responsible for security? The company who owns the data, the cloud provider, or both?
It's easy to focus on cybersecurity threats like social engineering and phishing. However, internal threats, such as human error and disgruntled employees, can be just as dangerous - and are often overlooked. A mature onboarding and termination policy that leverages least privilege access is essential to preventing a data breach.
A Business Continuity Policy is critical to your information security program & defines the critical steps your employees need to take after a disaster.
Take a deep breath - you’ve got this. Once your blood pressure is back to a reasonable level, start by looking at the RFI itself and ask yourself some questions.
A SOC 2 report focuses on the controls a company uses to protect customer data, as well as the operational effectiveness of those controls.
This post will help plan and manage time expectations and establish a timeline of deliverables - working backward from your SOC audit start date.
FISMA vs FedRAMP, NIST vs ISO, SOC 2 vs HIPAA, ISO27001 vs SOC 2. The differences between these and which compliance is right for you.
It’s important to keep your Information Security Policy high level. Here are some key points your information security policy should include.
This episode Justin McCarthy has an in-depth chat with Troy Hunt, a respected web security expert, Pluralsite author, and creator of 'Have I Been Pwned?' They talk about all things password related including password reuse, biometrics, and the way security has changed over time.