What are the EU-U.S. Privacy Shield Principles?

With the EU-U.S. Privacy Shield, the United States and the European Union share the goal of improving the privacy of citizens’ sensitive information. However, what makes the framework necessary is that each takes a different approach to managing the protection of information. The EU-U.S. Privacy Shield Framework exists …


What are the differences between ISAE 3402 and SSAE 16?

The preferred reports for service organizations with direct impact on internal controls over financial reporting of their clients are the SSAE 16 (Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization, was issued by the Auditing Standards Board of the American Institute of Certified …


FISMA Certification: Understanding Low, Moderate and High-Impact Systems

FISMA, or the Federal Information Security Management Act of 2002, assesses the controls outlined in NIST 800-53. You can review those requirements in Figure 1, below. One of the benefits of FISMA is that it provides different implementation options depending on the levels of potential impact for an organization or …


10 Ways to Protect Your Information When Shopping Online

When the holiday season comes around, everyone is in the spirit of giving back and joining in on the festivities. This usually spurs an increase in spending and holiday shopping, most of which happens online. According to comScore and UPS’ online shopping survey, shoppers are now making 51% of …


Visa Global Registry of Service Providers: Are you on the list?

Visa has released new tools and changes, which add value to service providers who store, process, or transmit cardholder data on behalf of merchants or other entities. For years, Visa has offered service providers the Visa Global Registry of Service Providers, a prestigious list of entities which meet certain …


5 Tips to Enhance Your Password Security

A password is designed to protect our personal information and accounts, but how are the passwords that you are using making it easier for hackers to access your accounts? Our experts have analyzed numerous passwords and why they don’t fit the security criteria. Here are some actionable tips for you …


FedRAMP: Outline of Timeliness and Accuracy of Testing

As FedRAMP continues to emphasize the FedRAMP Accelerated program, which is meant to reduce approval time for the Joint Authorization Board (JAB), it has released additional guidance on the Timeliness and Accuracy of Testing Requirements.

FedRAMP Timeliness and Accuracy of Testing

There are three categories associated with testing …


Vulnerability Scan vs. Penetration Test: What’s the Difference?

What is the difference between a penetration test and a vulnerability scan? Is a penetration test a vulnerability assessment? Is a vulnerability scan a penetration test? Which one does my organization need? As organizations prepare to meet their security needs, determining which service your organization requires depends on the purpose …


The Trail to Breach Prevention: Infographic

The importance of National Cyber Security Awareness Month cannot be overstated. A-LIGN has highlighted statistics from the breaches that occurred in 2015 in order to portray the prevalence and potential cost of data breaches. In order to help your organization avoid becoming another statistic, A-LIGN has provided actionable steps …


14 Ways to Prevent Data Breaches in Your Organization

Actionable Tips to Prevent Data Breaches

Feeling safe about your organization’s personal data because of encryption standards? Don’t fool yourself into a false sense of security. Managing cyber-risk is a multi-faceted, whole-organization effort that requires implementation from the top levels down. In IBM’s Security Services 2014 Cyber Security Intelligence Index, …
