Blog

PCI DSS: Important Updates Due February 2018

by Sarah Harvey / December 19, 2022

Effective February 1, 2018, there are new PCI DSS requirements that could have a significant impact on your PCI compliance. If you haven’t started working to meet these new requirements, you should make plans to speak with your auditor about how to start implementing these changes. The nine new PCI DSS requirements will be considered best practice until February 1st. These requirements are: New PCI DSS Requirements for Everyone Requirement…

Top 5 Cyber Security Awareness Tips for Employees

by Sarah Harvey / June 14, 2023

Employee Training and Cyber Crime Human error is one of the greatest threats to organizational security – after all, you’re only as strong as your weakest link, and people are your first line of defense. The best way to ensure that your entire workforce is prepared to thwart malicious cyberattacks is to implement annual employee cyber security awareness training. The cyber-crime landscape is constantly changing, so business owners and stakeholders…

Will I Pass a SOC 1 Audit? What if I Fail The Audit? Reasonable Assurance Explained

by Joseph Kirkpatrick / February 7, 2023

Organizations put valuable resources into completing SOC 1 audits: time, money, people, technology, and more. We know that often times, a SOC 1 audit can make it or break it for our clients’ business and we don’t take that lightly. When someone asks us, “Will I pass a SOC 1 audit? What if I fail the audit? What happens if I fail?”, we want to give them the best explanation…

Penetration Testing for HIPAA Compliance

by Sarah Harvey / October 6, 2023

What is Penetration Testing? Penetration testing is a critical line of defense when protecting your organization’s sensitive assets from malicious outsiders. Penetration testing is the process of performing authorized security testing of an environment to identify and exploit weaknesses associated with the targeted systems, networks, and applications before those weaknesses can be exploited by a real attacker. When performed in support of HIPAA compliance, the goal is to identify issues…

How to Accurately Define the Scope of an Information Security Assessment

by Sarah Harvey / December 19, 2022

In this session of Duo’s webinar series, A Comprehensive Security Roadmap for MSPs, Joseph Kirkpatrick presents best practices for defining and reducing the scope of an information security assessment. Scoping involves the identification of people, processes, and technologies that interact with, or could otherwise impact, the security of the information to be protected. Scoping is the first step for any assessment and also one of the most important elements of…

PCI DSS: Important Updates Due February 2018

Top 5 Cyber Security Awareness Tips for Employees

Will I Pass a SOC 1 Audit? What if I Fail The Audit? Reasonable Assurance Explained

Penetration Testing for HIPAA Compliance

How to Accurately Define the Scope of an Information Security Assessment

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.