The Perils of a Running Start: Can You Skip SOC 2 Type 1?

We’re often asked by customers embarking on the SOC 2 journey, “Can we skip the SOC 2 Type 1 and go straight into a Type 2?” They reason that instead of paying for two audits, they would only pay for one. It seems like an easy choice, righ…

How to Choose the Right SOC 2 Auditor

The selection of a SOC 2 auditor can be daunting. How do you find one, what should you consider when choosing a SOC 2 auditor, and what interview questions should you ask them? Will they understand your unique environment, product or challenges? Ultim…

Secureframe raises $4.5M to help businesses speed up their compliance audits

While certifications for security management practices like SOC 2 and ISO 27001 have been around for a while, the number of companies that now request that their software vendors go through (and pass) the audits to be in compliance with these continues to increase. For a lot of companies, that’s a harrowing process, so it’s […]

Your Quick Guide to SOC 1, 2 and 3

Today’s businesses are more interconnected than ever. Your company may rely on a network of third-party service providers who handle payroll, taxes, new employee recruitment, and much more. These service providers often need to access sensitive i…

CMMC: The Logical End of ISO 27001, SOC 2 & HITRUST Certifications

In the not-too-distant future, I can clearly see how ISO 27001, SOC 2 and HITRUST certifications could become a diminished, legacy activity, viewed as a rarity left over from marketing efforts to distinguish an organization’s security posture fro…

4 Things You Need to Know About SOC 2 Compliance

Compliance isn’t as simple as a connect-the-dots exercise. When you consider how fast companies are moving to and expanding in the cloud, and then take into account the proliferation of cloud-based security threats, compliance can be a little diz…

Internal Audit and IT: Joining the Same Cybersecurity Team

Effective cybersecurity management requires cross-collaboration between multiple stakeholders, and becomes increasingly complex with larger organizations. Though technology can serve as a solution to mitigate security risk, oftentimes the solution…

Leveraging the Cloud for SOC 2 Compliance

Here are some best practices for ensuring their cloud environment meets security compliance regulations. In a world of high-profile attacks, breaches and information compromises, companies that rely on third parties to manage and/or store their dataset…

Change & Configuration Management Waves Revolutionizing Cybersecurity

Configuration management is a buzzword that gets tossed around quite a lot these days. Defined as the process of identifying, controlling, tracking, and auditing changes made to a baseline, configuration management is a critical part of a strong s…