Compliance Standards Archives | Page 36 of 80

What is the CCPA Statute of Limitations?

by RSI Security December 2, 2021March 30, 2022

The California Consumer Privacy Act (CCPA) protects the rights of data subjects in California. The CCPA statute of limitations refers to two things, broadly: the timeframe within which legal action may be brought against an organization for violating CCPA rights and the duration for which such an organization is allowed to retain data pertaining to a California consumer. Our guide will break down these definitions and explain other essentials of CCPA compliance.

December 2, 2021March 30, 2022 0 comment

PCI DSS

Proper System Authentication Measures for PCI DSS 8 Requirements

by RSI Security November 30, 2021March 30, 2022

written by RSI Security

Payment Card Industry (PCI) compliance is required for security and stability of all card-related transactions, regardless of industry. The Data Security Standard (DSS) as stipulated by the PCI is broken down into 12 primary requirements; this article will detail PCI DSS Requirement 8, which focuses on identifying and authenticating all access to system components. Below, we’ll examine all controls and measures for compliance within Requirement 8’s sub-requirements.

November 30, 2021March 30, 2022 0 comment

SOC 2

Why Is SOC 2 Compliance Important?

by RSI Security November 30, 2021April 5, 2022

written by RSI Security

The American Institute of Certified Public Accountants (AICPA) publishes various audit and reporting guides designed to keep companies and their stakeholders safe. One that applies to most service organizations, including but not limited to cloud computing providers, is the SOC 2 framework. So, why is SOC 2 compliance important? Read on to learn why it matters, how it helps cloud organizations specifically, and how its criteria can help all companies.

November 30, 2021April 5, 2022 1 comment

PCI DSS

PCI DSS Best Practices for Compliance

by RSI Security November 25, 2021March 7, 2022

written by RSI Security

Any organization that handles cardholder data (CHD) is required to follow the Data Security Standards (DSS) established by the Payment Card Industry (PCI). These rules and regulations play a critical role in protecting networks and CHD environments (CDE) from internal and external threats alike. However, their effectiveness can depend on your staff following a few PCI DSS best practices.

November 25, 2021March 7, 2022 0 comment

NIST 800-171 / DFARS

How and Why DoD Contractors Must Protect Covered Defense Information

by RSI Security November 23, 2021June 5, 2023

written by RSI Security

The federal government utilizes contractors to provide routine services and products to achieve the nation’s missions and conduct operations. During the course of business, the government shares sensitive information with federal contractors, which is then stored, processed, and transmitted via information systems. Department of Defense (DoD) contractors must abide by Defense Federal Acquisition Regulation Supplement (DFARS) requirements for protecting Covered Defense Information (CDI), which is directly related to national security.

November 23, 2021June 5, 2023 0 comment

California Consumer Privacy Act (CCPA)

Who Enforces CCPA Compliance?

by RSI Security November 19, 2021March 1, 2022

written by RSI Security

The California Consumer Privacy Act (CCPA) took effect on July 1, 2020, providing state residents with the most comprehensive data privacy protections in the US. Comparable to the EU’s GDPR, the CCPA specifies individuals’ rights regarding companies collecting, using, and storing their personal data.

November 19, 2021March 1, 2022 0 comment

PCI DSS

What Are the PCI Merchant Level Requirements?

by RSI Security November 18, 2021November 24, 2021

written by RSI Security

Companies that process credit card payments must comply with the Payment Card Industry (PCI) Data Security Standard (DSS). Two essential questions for all organizations seeking PCI compliance are what is merchant PCI compliance? and what does it require? Below, we answer these and other questions about PCI merchant level requirements applicable to your business.

November 18, 2021November 24, 2021 0 comment

HITRUST

What is the HITRUST Threat Catalogue?

by RSI Security November 17, 2021March 30, 2022

written by RSI Security

Organizations in any industry can benefit from threat intelligence, or information that helps identify, analyze, categorize, and ultimately mitigate cybersecurity threats. The HITRUST threat catalogue, a publication of the HITRUST Alliance, is designed with these aims in mind. It breaks down the most common and dangerous kinds of threats into manageable categories, so that an organization can swiftly determine how to address a given threat before it becomes a full event.

November 17, 2021March 30, 2022 0 comment

CMMC

CMMC 2.0 Update: Everything Your Organization Needs to Know

by RSI Security November 15, 2021December 22, 2021

written by RSI Security

The Cybersecurity Model Maturity Certification (CMMC) framework protects Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) processed by Department of Defense (DoD) contractors. On November 4, 2021, the DoD announced a massive overhaul of CMMC version 1.02 and the imminent release of CMMC 2.0. The new framework is not yet publicly available, leaving many organizations with questions about how they’ll need to adjust.

November 15, 2021December 22, 2021 0 comment