Who’s Responsible for Cloud Security?

by Sarah Harvey / December 19, 2022

As more and more organizations migrate to the cloud, it drives cloud service customers to consider how the cloud will impact their privacy, security, and compliance. First, cloud service customers must understand how their cloud service provider delivers a secure solution. Second, cloud service customers must consider their new role in cloud security. Some cloud service customers mistakenly believe that when they migrate to the cloud, their cloud security responsibilities…

Auditor Insights: Compliance from the Start

by Shannon Lane / October 11, 2023

Why Don’t Organizations Start with Compliance? At its core, business is a function of time, vision, service, and money. What do we provide? How do we intend to provide it? What takes precedence - the opportunity now or the infrastructure to support things tomorrow? How do we do what we do in a way that makes sense with the resources we have? I’ve found that compliance tends to be one…

How Cloud Computing is Changing Small Business

by Sarah Harvey / December 20, 2022

Is your small business considering migrating to the cloud? Has your large business seen more and more competition from small businesses? Cloud computing is essential for businesses of all sizes, but small businesses have seen an endless amount of benefits from cloud computing, including financial, operational, and security benefits. Let’s discuss how each of these items related to cloud computing is changing small business. Affordable Investment There’s been an enormous…

business people walking

Are You a Data Controller or a Data Processor? (GDPR)

by Mark Hinely / October 11, 2023

The most frequently asked question I’ve received related to GDPR compliance has to do with data processing roles: is my organization a data controller or data processor? Determining your organization’s data role can be challenging because of textual and practical ambiguity, but identifying your role is the starting point for determining which GDPR requirements your organization must follow. The responsibilities of data controllers are different than responsibilities of data processors.…

Ransomware Alert: Lessons Learned from the City of Atlanta

by Sarah Harvey / December 20, 2022

What Happened in Atlanta? On March 22, the City of Atlanta suffered from an incredibly damaging ransomware attack from SamSam. Multiple types of applications, including internal and customer-facing applications that allow bill payment and access court-related documents, were compromised. For over a week, a cross-functional incident response team made up of the FBI, Department of Homeland Security, Microsoft, Cisco Security, and Dell SecureWorks have been working to find a resolution. In…