FISMA vs. FedRAMP

by Sarah Harvey / June 13, 2023

FISMA and FedRAMP audits are often confused because both involve compliance around government data. But, when you dive into the details of each audit, you’ll recognize the differences are stark. Let’s talk through each of these compliance audits and how you can tell them apart from one another. What is FISMA? The Federal Information Security Modernization Act, or FISMA, is U.S. legislation that requires government agencies to meet a standard…

Considering an Audit Readiness Tool? 4 Questions to Ask

by Sarah Harvey / January 10, 2024

Using KirkpatrickPrice for Audit Readiness We've seen more and more automated solutions and tools enter the market that promise easy and cheap compliance, no commitment, and expert guidance. Don't be fooled, though! These audit prep solutions and tools are actually only promising one thing: readiness. Unlike firms with automated solutions and tools that focus solely on audit readiness, KirkpatrickPrice provides a comprehensive audit experience. They cannot provide what you actually…

Cheat Sheet for Office 365 Forwarding Rules

by Sarah Harvey / November 20, 2023

Protecting Your Office 365 Accounts A key part of your organization's information security strategy is correct configurations for Office 365, because compromising your Office 365 accounts is a gateway to much more sophisticated attacks. Many industry breach reports speculate that hacking Office 365 email accounts is the first thing an attacker wants to do, because it has the potential to give them access to so much more information. Phishing is…

Learning from Twitter’s Privacy Mistakes

by Sarah Harvey / October 4, 2023

Because of the ever-changing landscape of privacy laws, standards, and guidelines, it has become difficult for businesses to know what their obligations are, and even harder to determine what could constitute non-compliance. Fortunately, Twitter’s mistakes now provide us with an example of what a violation looks like. Twitter has been in the spotlight for a recent hack, and now the Federal Trade Commission is investigating its privacy practices regarding targeted…

What’s Going On With the EU-US Privacy Shield Agreement?

by Sarah Harvey / December 16, 2022

The Latest With Privacy Shield On July 16, the Court of Justice for the European Union made a landmark decision to invalidate the EU-US Privacy Shield arrangement for international data transfers. Prior to this announcement, Privacy Shield was one of several mechanisms for meeting GDPR data protection requirements for data leaving the EU for the US. The Court’s decision impacts the thousands of organizations participating in and relying on Privacy…