Compliance Standards Archives | Page 77 of 81

California Online Privacy Protection Act (CalOPPA)

Consequences of Non-compliance With CalOPPA

by RSI Security September 25, 2018October 26, 2018

In 2003, California became the first state in the country to set robust strictures on the visibility of online consumer data. The California Online Privacy Protection Act, also known as CalOPPA, created regulations that required online websites and businesses to prominently display their Privacy Policy in regard to their users data.This law aimed to protect online users’ data and to inform them as to how their data might be tracked, mined, stored, trolled, sold, used, or shared. As of now, the posting of this notification is mandatory for any business or website that accrues personally identifiable information from California residents. CalOPPA states, [A website must] conspicuously post its Privacy Policy on its Web site, or in the case of an operator of an online service, make that policy available. If you are an online business found in non-compliance, if you do not clearly convey to your customers what data you collect, how you collect it, and what you plan to do with it, there are potentially severe ramifications that could cripple your business.

September 25, 2018October 26, 2018 0 comment

California Online Privacy Protection Act (CalOPPA)

California Privacy Policy: What is CalOPPA?

by RSI Security September 25, 2018October 25, 2018

written by RSI Security

Established in 2003, The California Online Privacy Protection Act (CalOPPA) was the very first state law in the United States that required commercial and online websites to post their privacy policy to the general public. The goal of this act was to protect online users from having their data mined, stored, used, or sold, without their knowledge or consent.

September 25, 2018October 25, 2018 0 comment

PCI DSS

Tracking and monitoring all access to network resources and cardholder data (PCI DSS Reqs. 3, 7, 10)

by RSI Security September 25, 2018January 14, 2020

written by RSI Security

Recent statistics have shown that 42% of consumers feel that credit cards are the safest payment option to protect cardholder data for their online purchases. With more consumers focusing on purchasing online rather than via brick and mortar retailers, this means that online retailers must take extra care in monitoring their network resources as they pertain to their cardholder data. Consumers are well within their entitlement to expect that their credit card transaction is secure once it has been processed. However, that expectation might fall short if the pathways that the payment company develops does not securely transmit their cardholder data once the transaction goes through. It is for this reason (and many others) that securing access to network resources for any organization that processes and/or stores credit card payments is critical.

September 25, 2018January 14, 2020 0 comment

PCI DSS

Deploying Secure Systems and Applications (PCI DSS Req. 6)

by RSI Security September 12, 2018November 19, 2024

written by RSI Security

The Payment Card Industry (PCI) is a coalition of credit card companies including American Express, Discover, MasterCard and Visa that is built on the backbone of 12 requirements specified in the PCI Data Security Standards (DSS). These requirements were implemented to ensure the continued financial safety of businesses and consumers alike. The number and severity of data breaches constantly on the rise and the PCI DSS requirements are there to provide organizations with the compliance framework they need to maintain a high level of network security.

September 12, 2018November 19, 2024 0 comment

Cloud Security NIST 800-171 / DFARS

NIST Definition of Cloud Computing

by RSI Security September 12, 2018May 30, 2025

written by RSI Security

The term Cloud Computing appears in Google search nearly 54 million times. But The Cloud remains to be this elusive entity to the general population. Those who fit into this category either see cloud-based computing as this near-magical technology that whisks your data into another dimension for you to summon at a moments notice at your beck and call (which sounds pretty wizard-like). For those who work with the technology daily and understand its capabilities, the technology is much more simplistic than others would make it seem, even though it does have some technical nuances.

September 12, 2018May 30, 2025 2 comments

NIST 800-171 / DFARS Password Management Tips, Tools & Best Practices

What You Need to Know About NIST Password Guidelines

by RSI Security September 12, 2018November 19, 2024

written by RSI Security

Almost every online interaction, whether it be a financial transaction, company login, or a simple email conversation, requires the use of a password. With data breaches becoming more common and prolific, passwords have evolved into complex strings of characters that are difficult to remember. Ironically, this conundrum has resulted in stores selling password books for recording all the numerous credentials individuals use on a daily basis; however, this defeats the very purpose of passwords. Consequently, the National Institute of Science and Technology (NIST) began researching past data breaches and experimenting with various password structures to identify better authentication practices. Besides providing NIST definitions for cloud computing, the NIST has also now provided guidelines to create safer passwords. Do you know how to create a safe and effective password for your profiles? Learn about NIST password guidelines and NIST compliance by reading on.

September 12, 2018November 19, 2024 0 comment

NIST 800-171 / DFARS

How to Improve Your Security With NIST

by RSI Security September 12, 2018January 6, 2025

written by RSI Security

Business owners should know the answer to the question, how prepared is your business to face cyber threats? However, most do not. The National Institute of Standards and Technologys (NIST) cybersecurity framework is one of the most recognized structures for improving sensitive data security against todays cyber threats from all devices. Meant to be a voluntary framework for taking security measures to identify and minimize cybersecurity risks, the NIST framework has been used in a wide variety of industries. In this article, well break down why the NIST framework was created, how it is structured, and how it helps to create a robust cybersecurity risk-management strategy. The NIST framework can be daunting at first, particularly for smaller organizations that may not be sure how to leverage the framework to create actionable insights into gaps in their cybersecurity. The information provided in this article should prove as a helpful starting place for organizations wishing to get a brief introduction to the NIST framework, as well as highlight some of the key advantages that adopting the NIST framework brings to organizations of any size.

September 12, 2018January 6, 2025 0 comment

NIST 800-171 / DFARS

Why You Should Adopt the Cybersecurity NIST Framework

by RSI Security September 12, 2018October 26, 2018

written by RSI Security

Data breaches are a major cyber risk that can instantaneously affect a companys bottom line in more ways than one which is why it is imperative to find comprehensive cyber security solutions to ensure that your business is safe. They can drive up costs via increased compliance-related fines and impact revenues due to the decrease in consumer trust in the organizations products or services as a result of the cyber attacks. If a data breach is large enough, it can cripple a companys critical infrastructure to the point that they cannot come back from. To combat these instances of cyber infrastructure threats, President Barack Obama signed Executive Order 13636 for Improving Critical Infrastructure Cybersecurity, on February 12, 2013. This Executive Order established a U.S. Policy that focuses on the enhancement of the Nations critical infrastructure through the maintenance of public and private cyber environments.

September 12, 2018October 26, 2018 0 comment

HIPAA / Healthcare Industry

HIPAA: What is it and What are Your Rights?

by RSI Security September 11, 2018April 28, 2025

written by RSI Security

The Healthcare Insurance Portability and Accountability Act (HIPAA) has been the gold standard for healthcare regulations and patient rights since the law was passed in 1996 by the U.S. government. HIPAA has been updated and added to several times over the course of the past 22 years with the intention of keeping patients and their personal information secure.

September 11, 2018April 28, 2025 0 comment

NERC CIP

What is NERC CIP Compliance?

by RSI Security August 29, 2018April 10, 2025

written by RSI Security

Flashback to August 14, 2003 when North America experienced its worst blackout to date with more than 50 million people losing power in the Northeastern and Midwestern United States and parts of Canada. Less than 3 years prior to this massive blackout, the North American Electric Reliability Corporation (NERC) had been appointed as the electric utility industrys primary point of contact with the U.S. government for national security and critical infrastructure protection issues. After nearly eight (8) months of investigations into the record-breaking blackouts, NERC found that the prevention of future blackouts could be done through making Reliability Standards mandatory and enforceable through the U.S. federal government.

August 29, 2018April 10, 2025 2 comments