Penetration Testing for HIPAA Compliance

by Sarah Harvey / October 6, 2023

What is Penetration Testing? Penetration testing is a critical line of defense when protecting your organization’s sensitive assets from malicious outsiders. Penetration testing is the process of performing authorized security testing of an environment to identify and exploit weaknesses associated with the targeted systems, networks, and applications before those weaknesses can be exploited by a real attacker. When performed in support of HIPAA compliance, the goal is to identify issues…

How to Accurately Define the Scope of an Information Security Assessment

by Sarah Harvey / December 19, 2022

In this session of Duo’s webinar series, A Comprehensive Security Roadmap for MSPs, Joseph Kirkpatrick presents best practices for defining and reducing the scope of an information security assessment. Scoping involves the identification of people, processes, and technologies that interact with, or could otherwise impact, the security of the information to be protected. Scoping is the first step for any assessment and also one of the most important elements of…

Do I need a SOC 1 Type I or a SOC 1 Type II Report?

by Joseph Kirkpatrick / February 7, 2023

When considering having a SOC 1 audit performed, there are two different report options available. Knowing whether you need a SOC 1 Type I or a SOC 1 Type II report will depend on your client's needs and timing constraints. What’s the difference between a SOC 1 Type I and a SOC 1 Type II report? A SOC 1 Type I and a SOC 1 Type II both report on…

PCI DSS: New Requirements in 2018

by Sarah Harvey / October 6, 2023

What are the New PCI Requirements? Nine new PCI DSS requirements will became required as of February 1, 2018. While there are only nine new items, they could have a significant impact on your environment. If you have not already started to work on these items, you are likely already behind. In this webinar, Jeff Wilder will discuss how to prepare for and implement these requirements. The new PCI DSS…

Everything You Need to Know About SOC 1 Audits

by Sarah Harvey / April 12, 2023

Are you being asked by a top client for a SOC 1 audit report? What is a SOC 1 report? Do you need a SOC 1 audit? Below, you’ll find answers to frequently asked questions about SOC 1 audit reports and learn how your organization can benefit from having a SOC 1 report and what you can expect from your SOC 1 audit process. What is a SOC report? Developed…