Security architecture can be defined as the controls that support IT infrastructure. For a large enterprise, security architecture extends beyond prescriptive processes; it must adapt to address evolving cybersecurity threats…
-
What is a SSAE 18 Type 2 Report, and How Does it Relate to SOC 2 Audits and Reporting?
by RSI Security
SSAE 18 is a set of standards governing service organizations’ security practices. It’s used to identify and manage risks involved in handling consumer data. Many organizations need to showcase compliance…
-
Overseen by the American Institute of Certified Public Accountants (AICPA), SOC 2 evaluates the implementation of effective standards and controls for organizations outside the financial sector, including software-as-a-service (SaaS) providers.…
-
Recap: Understanding SOC 2 Reports: Types, Purposes & Key Benefits Explained
by RSI Security
RSI Security hosted a webinar with Mueller to discuss the types, purposes, and benefits of SOC 2 reports. Panelists discussed aspects of SOC 2 audits, risk management, and assessment of…
-
What Can You Do After a HITRUST Assessment Failed? Top Remediation Strategies
by RSI Security
With more than 20 individual processes, requirements, and standards under its umbrella, the HITRUST Alliance provides a centralized set of guidelines for professionals in the healthcare industry and beyond. Unfortunately,…
-
Comprehensive PCI Compliance Checklist 2021 (With Expected Updates for PCI DSS v4.0)
by RSI Security
With so much reliance on digital payment processing, a standardized set of rules, guidelines, and policies for securing data is critical. Established by the Payment Card Industry (PCI), the Data…
-
HIPAA is the preeminent regulatory standard governing the use and transmission of confidential patient information. Nearly every single entity involved in the healthcare industry—directly or tangentially—needs to comply with the…
-
Data security is paramount when accepting payments through credit & debit cards and payment processing software. Any organization processing, storing, or sharing cardholder data (CHD) is mandated to abide by…
-
Companies that market services or products to consumers in California must comply with CCPA email marketing guidelines to protect data privacy. Essentially, the CCPA protects the rights of consumers in…
-
Although modern cyberattacks are growing in voracity and sophistication, some of the most effective methods still rely on traditional techniques. The “man in the middle attack”—also known as the “monster-in-the-middle,”…