by
Sarah Harvey / December 16, 2022
The evolution of the cloud presents new security issues every day. As more and more organizations migrate user data to the cloud, it drives both cloud service customers and providers to consider how the cloud will impact the privacy and security of data. How does your organization secure your cloud environment? Just like any type of technology or IT operation, the security of your service needs to be validated by…
by
Sarah Harvey / December 16, 2022
Investing in regular penetration testing is oftentimes a hard pill to swallow. You’re paying someone to break into your networks, systems, or applications. You might find that your secure technology isn’t as secure as you thought. Your ever-changing, complex environment might create more vulnerabilities than expected. Plus, you might not even be sure what you need or who should perform the testing. Though undergoing penetration testing may seem daunting, there’s…
by
Sarah Harvey / December 16, 2022
Common Criteria 9.2 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 9.2 says, “The entity assesses and manages risks associated with vendors and business partners.” How can organizations be sure that they’re complying with this criterion? Let’s take a look at key ways organizations can manage vendor risk.…
by
Joseph Kirkpatrick / December 16, 2022
Common Criteria 9.1 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 9.1 says, “The entity authorizes, designs, develops or acquires, configures, documents, tests, approves, and implements changes to infrastructure, data, software, and procedures to meet its objectives.” How can organizations be sure that they’re complying with this criterion?…
by
Joseph Kirkpatrick / December 16, 2022
Common Criteria 8.1 When a service organization undergoes a SOC 2 audit, auditors will verify whether they comply with the common criteria listed in the 2017 SOC 2 Trust Services Criteria. Common criteria 8.1 says, “The entity authorizes, designs, develops or acquires, configures, documents, tests, approves, and implements changes to infrastructure, data, software, and procedures to meet its objectives.” How can organizations be sure that they’re complying with this criterion?…
