Logical Access Fundamentals for Enhanced Security: A Webinar Recap  

by Tori Thurmond / March 21, 2024

Logical access is an essential aspect of any organization’s security. You need to make sure that the right people have access to what they need but at the same time, you need to prevent unauthorized personnel from accessing sensitive information. Finding the appropriate balance can be difficult and confusing if you’re not working with security experts. That’s why one of our experienced auditors, Ron Hallford, hosted a webinar dedicated to…

Expert Insight: A Few Quick Tips Regarding Logical Access 

by Lorna Willard / June 7, 2023

Data security is often seen as a burden, not a business-driving tactic. However, in today’s world with the proliferation of IT, the internet, the cloud, and risk associated with these systems and data, properly securing your data is essential to the success of your organization. Logical access is a key factor to data security that could easily be neglected, leaving your organization vulnerable to the growing threats of today’s security…

Most Common SOC 1 Gaps

by Sarah Harvey / June 13, 2023

If you knew a hurricane or car accident was going to happen, wouldn’t you do your best to prepare for it? You’d want to know every detail of its likelihood so your plan of action would prevent as much damage as possible. The same principle applies to information security breaches - that’s why it’s important for your organization to be aware of and remediate common security gaps so you can…

10 Most Common SOC 2 Gaps

by Sarah Harvey / June 13, 2023

In 2019, State Farm notified policyholders of a cybersecurity attack in the form of credential stuffing, a tactic often used by hackers that relies on a lack of password maintenance. State Farm took proper measures to reset passwords and notify affected parties of the attack, but what if State Farm employees were properly implementing multi-factor authentication practices from the start? Would this attack have even happened? How could State Farm…

SOC 2 Academy: Dealing with External Threats

by Joseph Kirkpatrick / May 31, 2023

Common Criteria 6.6 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 6.6 says, “The entity implements logical access security measures to protect against threats from sources outside its system boundaries.” How can organizations be sure that they’re complying with this criterion? Let’s discuss. Dealing with External Threats During…