12 Risks You Need to Know to Secure Your Cloud Environment

by Sarah Harvey / April 12, 2023

Advancements in cloud technology have completely changed the way organizations use, store, process, and share data, applications, and software. Cloud environments tend to be more cost-efficient and time-efficient…so why wouldn’t you put your data in the cloud? Because so many organizations are putting so much sensitive data into cloud environments, they have inevitably become targets for malicious attackers. New security vulnerabilities are consistently being discovered and, in a vicious cycle,…

The Importance of a Culture of Compliance: CompuMail’s Insights

by Sarah Harvey / December 20, 2022

The Need for Security CompuMail began pursuing comprehensive audits in 2009 to ensure efficient, compliant business operations and to maintain a strong multi-industry reputation. Since then, they’ve achieved many compliance goals and excelled to greater levels of assurance. In 2010, they achieved PCI and HIPAA compliance, and soon after, became compliant with FISMA, GLBA, and ISO 27002. Most recently, CompuMail completed further auditing and achieved SOC 1 and SOC 2…

Cloud Security: The Good, The Bad, and The Ugly

by Sarah Harvey / July 12, 2023

Cloud Security Best Practices Cloud environments bring advantages to businesses of all sizes–reduced cost, flexibility, low risk, efficiency–so why do you need to go the extra mile and implement cloud security best practices? Security vulnerabilities exist, even in the cloud. Traditional security problems of an internal network still show up in cloud environments, like one vicious cycle. In this webinar, we discuss three areas where traditional security problems must be…

What is a Risk Assessment? – Learn The 5 Steps to a Risk Assessment

by Joseph Kirkpatrick / April 12, 2023

What is the Purpose of a Risk Assessment? Most information security frameworks require a formally documented, annual risk assessment. You will see this requirement over and over again in your pursuit of SOC 1, SOC 2, PCI DSS, HIPAA, or HITRUST CSF compliance. But what exactly is a risk assessment and why is it so important to information security frameworks? Let's find out. What is a Risk Assessment? A risk…

Understanding Your SOC 1 Report: The 5 Components of Internal Control

by Joseph Kirkpatrick / February 9, 2023

 What are the Components of Internal Control (CRIME)? The framework utilized for a SOC 1 audit is known as the COSO Internal Control Framework. It’s one of the most common models used to design, implement, maintain, and evaluate internal control. To have an effective system of internal control, the COSO framework requires that service organizations have the defined components of internal control present, functioning, and supporting business and internal…