Compliance would be challenging even if it were a black-and-white issue. The reality is that compliance regulations, such as PCI DSS and HIPAA, are really just a string of requirements open to interpretation. The definitions of each requirement can vary, sometimes quite a bit, from auditor to auditor or from company to company. Today, even the auditors are getting audited in an effort to ensure that the application of compliance regulations is as uniform as possible.
As a business, whether you’re storing patient records or processing customer credit card data, chances are the government or your customers (or, many times, both) require you to meet some sort of compliance standards. And it ain’t easy.
Often companies think of compliance as an annoying imposition — something to grin and bear. And while achieving compliance is not always a cakewalk, the upside of doing so can be huge. Whether you are interested in starting a company, entering a new market, or winning new customers, achieving compliance can be a major business driver. Here’s why it’s beneficial to your bottom line to think about compliance in this way.
An increasing number of healthcare organizations are transitioning from data centers to cloud computing today. Healthcare CIOs are, like those in many other industries, turning to the cloud to realize benefits that include efficiency, flexibility, and cost savings. Some experts argue that this increased use of the cloud opens them up to more security challenges, but in fact the cloud isn’t necessarily any less secure than traditional computing — and in many cases, it is more secure. It’s a matter of using it intelligently and building a complete and appropriate security strategy.
PCI DSS. HIPAA. SOC 2. SOX 404. Compliance can be a complicated and confusing beast, with plenty of acronyms and layers of regulations — not to mention expenses and stress. But achieving compliance in the cloud can also be the key to unlocking new sources of revenue, winning business, and achieving success in today’s competitive business environment.
How many times have you finished a 1,000-piece puzzle? How about a serious game of Monopoly? Both of these activities have parallels with the process of meeting compliance regulations.
Compliance isn’t as simple as a connect-the-dots exercise. When you consider how fast companies are moving to and expanding on the cloud, alongside the proliferation of cloud-based security threats, compliance can be a little dizzying. We’re here to break the complexities of compliance requirements down for you, starting with SOC 2.
SOC 2 is one of the more common compliance requirements technology companies must meet today.
So what does SOC 2 compliance mean and how can you go about achieving it? In this post, we will break down the four most important things you need to know.
In today’s volatile threat environment, it has become a board-level necessity to find ways to minimize the exposure, liability and risk to personal health information (PHI). One of the best ways to do this is to ensure you are meeting all relevant compliance obligations and requirements. However, most companies simply tick the checkboxes and move on, putting security aside until the next big audit or threat comes along. With today’s threat landscape evolving as you read these very words, this is no longer enough.
You don’t have to look far to see that data breaches are running rampant among healthcare organizations. In 2015, three of the highest-profile cases – Community Health Systems, Anthem and Premera – resulted in the breach of over 96 million personal health records.
We recently spoke with Threat Stack customer Jameel Al-Aziz, DevOps/Software Engineer for 6sense, and developed the following case study that showcases how Al-Aziz and his team are using Threat Stack. In the case study, Al-Aziz also details the company-wide benefits they are realizing, including a shortened sales cycle, from having a continuous security monitoring solution in place. Below is their story.