PCI Requirement 4 – Encrypt Transmission of Cardholder Data Across Open, Public Networks

by Randy Bartels / April 12, 2023

PCI Requirement 4 demands, “Encrypt transmission of cardholder data across open, public networks.” How will this requirement benefit your organization? Complying with PCI Requirement 4 will help prevent your organization from being a target of malicious individuals who exploit the vulnerabilities in misconfigured or weakened wireless networks. So as a safety measure, sensitive data that you transmit over open networks must be encrypted. Assessors will be evaluating whether your organization…

5 Tips for a Successful Penetration Test (Pentest)

by Sarah Harvey / December 19, 2022

Regular penetration tests are a critical line of defense when protecting your organization’s sensitive assets from malicious outsiders. Just like any test, you need to be prepared. Your organization should take steps to ensure that you pass your penetration test and will be prepared to fend off attackers. Not only are regular penetration tests required by most audit frameworks and a source of real-world insight into how hackers can exploit vulnerabilities, they…

What’s The Difference Between SOC 1, SOC 2, and SOC 3?

by Joseph Kirkpatrick / February 7, 2023

When it comes to SOC (System and Organization Controls) reports, there are three different SOC report types: SOC 1, SOC 2, and SOC 3. When considering which report fits your organization’s needs, you must first understand what your clients require of you and then consider the areas of internal control over financial reporting (ICFR), the Trust Services Criteria, and restricted use. Each SOC report type fulfills a different purpose, and…

Episode 4 – How are HITRUST Controls Scored? The HITRUST CSF Maturity Model

by Joseph Kirkpatrick / December 22, 2022

Whether you are doing a HITRUST CSF Self-Assessment or Validated Assessment, you will be required to score your organization’s compliance with the controls according to the HITRUST Maturity Model. For organizations familiar with the Plan, Do, Check, Act model – a cycle which starts with direction and tone from the top and is used as a template for continuous improvement – you will find similarities within the HITRUST Maturity Model and…

Episode 3 – HITRUST CSF Assessment & Report Options

by Joseph Kirkpatrick / December 22, 2022

When navigating your HITRUST CSF compliance journey, there are a few different assessment and reporting options to consider. But before you start the process of deciding which HITRUST CSF assessment and report is right for you, it’s important to fully understand what your client is requesting. Have you received a letter from a client in the mail? Are you reviewing an RFP? The first question you must know the answer to…