Compliance

Compliance with corporate, government and industry standards and regulations is critical to meet business goals, reduce risk, maintain trust and avoid fines. Get advice on audit planning and management; laws, standards and regulations; and how to comply with GDPR, PCI DSS, HIPAA and more.

March 16, 2022 16 Mar'22
Biden signs law on reporting critical infrastructure cyber attacks

President Joe Biden signed a law that requires critical infrastructure entities to report cyber attacks within 72 hours and report ransom payments in 24 hours.
February 10, 2022 10 Feb'22
Why Massachusetts' data breach reports are so high

Massachusetts discloses breaches of companies that affect just a single resident, giving the commonwealth a much larger number of 2021 incidents than other states.
January 24, 2022 24 Jan'22
Monero and the complicated world of privacy coins

Monero is known for being one of the most common cryptocurrencies seen in illicit transactions, but its development community paints a different picture of the privacy coin.
May 25, 2021 25 May'21
Chaos in Maricopa County: The election audit explained

The controversy about an election audit of Maricopa County, Ariz., involves accusations of deleted databases, bamboo fibers and potentially ruined voting machines.

Bring yourself up to speed with our introductory content

SOC 1 (System and Organization Controls 1)

System and Organization Controls 1, or SOC 1 (pronounced "sock one"), aims to control objectives within a SOC 1 process area and documents internal controls relevant to an audit of a user entity's financial statements. Continue Reading
Luhn algorithm (modulus 10)

The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers. Continue Reading
COPPA (Children's Online Privacy Protection Act )

The Children's Online Privacy Protection Act of 1998 (COPPA) is a federal law that imposes specific requirements on operators of websites and online services to protect the privacy of children under 13. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

ESG analysts discuss how to manage compliance, data privacy

ESG analysts offer three recommendations for effective data governance: good C-level and IT leadership, visibility into cloud infrastructure and understanding cloud architecture. Continue Reading
The top secure software development frameworks

Keeping security top of mind when developing software is paramount. Learn how to incorporate security into the SDLC with the top secure software development frameworks. Continue Reading
Study attests: Cloud apps, remote users add to data loss

A study from ESG found many customers attribute data loss and compliance troubles to the race to put apps in the cloud and accommodate remote workers amid the pandemic. Continue Reading

Learn to apply best practices and optimize your operations.

Deploy an information barrier policy for Microsoft Teams

Mistakes happen, but can be costly when they involve compliance. Office 365 information barriers can prevent inadvertent sharing to protect the organization's sensitive data. Continue Reading
How endpoint encryption works in a data security strategy

Companies should use encryption to keep data on endpoints protected should an attacker successfully get hold of a device or breach enterprise security measures. Continue Reading
Crosswalk cloud compliance to ensure consistency

Combining a risk management framework with security policies can be tricky, but crosswalking -- especially in the cloud -- can help address inconsistencies and maintain compliance. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to overcome GDPR compliance challenges

As GDPR fines and penalties increase, organizations must prioritize compliance to avoid financial and reputational damages. Learn about the top challenges and their solutions. Continue Reading
HIPAA compliance checklist: The key to staying compliant in 2020

Putting together a HIPAA compliance program can be fraught with difficulty. Review best practices and a HIPAA compliance checklist to avoid common pitfalls and pass an audit. Continue Reading
Shared responsibility model transparency boosts cloud security

The shared responsibility model delineates where company and CSP security responsibilities start and end. This is critical not only for compliance, but also the big security picture. Continue Reading