Compliance Matters.

We don’t need to tell you why compliance is important, just know keeping your company in line with complience is top of mind when we audit your cybersecurity solution.

FINRA

The Financial Industry Regulatory Authority (FINRA) is a regulatory body charged with governing business between brokers, dealers and the investing public. Given the evolving nature, increasing frequency, and sophistication of cybersecurity attacks – as well as the potential for harm to investors, firms, and the markets – cybersecurity practices are a key focus for FINRA.

HIPAA

Health Insurance Portability and Accountability Act (HIPAA), it must safeguard its patients’ and clients’ personal information. In a world of computers and networks, sensitive patient data must be protected against unauthorized persons.

FISMA

Federal Information Security Management Act (FISMA) requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other sources.

PCI DSS

Payment Card Industry Data Security Standard (PCI DSS) is required of all merchants and service providers who store, process or transmit credit card holder data.

FEDRAMP

The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and service. The FedRAMP program is designed to comply with the Federal Information Security Management Act of 2002 (FISMA). It aims to accelerate the adoption of secure cloud solutions through reuse of assessments and authorizations, increase confidence in security assessments and security of cloud solution.

GDPR

General Data Protection Regulation is the first comprehensive overhaul and replacement of European data protection legislation. Any organization that holds data on EU citizens, regardless of where it is domiciled, within the EU or otherwise, is in scope. Likewise, organizations processing data within the EU on any data subject, regardless of the data subject’s location, may be in scope. GDPR compliance is mandatory by 25th May 2018.

Sarbanes-Oxley Act

Auditing existing IT infrastructure, identifying inefficiencies, redundancies and superfluous controls. Streamlining reporting and auditing processes, increasing productivity and reducing costs. Managing security risks more effectively and responding quicker in the event of a breach.

NIST 800-53 (DFARS)

NIST 800-53 (DFARS) ensure that those working in conjunction with Department of Defense would have methods in place to protect sensitive information

FFIEC

Federal Financial Institutions Examination Council (FFIEC) provides cybersecurity standards and auditing for financial institutions and the following regulatory agencies: WCSG Security Monitoring service helps financial institutions address FFIEC cybersecurity standards by providing 24x7x365 security monitoring that aligns with the security monitoring section of the FFIEC Handbook.

ISO 27001 and 27002 Compliance

Developed by the International Standards Organization, ISO 27001 and ISO 27002 standards provide guidance to organizations seeking to manage security of data assets (such as intellectual property), employee, customer, or other sensitive data, and implement security.

GLBA

Also known as the Financial Modernization Act of 1999, is a consumer protection. The U.S. law focuses on protecting sensitive information, such as addresses, names and credit histories, that consumers and customers provide to financial institutions, such as banks and financial planners. As a part of GLBA compliance, financial organizations must notify customers about how they share NPI, as well as inform consumers of their right to request that their data remains unavailable to unaffiliated third parties.

If you’re required to comply with this FTC standard, a critical item on your GLBA compliance checklist will be your cybersecurity. Because of the Safeguards Rule and Pretexting Provisions, you’ll need a cybersecurity solution that provides comprehensive monitoring, event logging and log management, as well as an infrastructure that’s compliant with GLBA

Zeen is a next generation WordPress theme. It’s powerful, beautifully designed and comes with everything you need to engage your visitors and increase conversions.