Articles by tag "compliance"

Overview of the Federal Trade Commission in regards to cybersecurity:

• Does the US have federal cybersecurity laws that apply generally?
• What does the FTC require in a nutshell?
• How can I make sure my company is in compliance?

“HiTRUST: Burdensome, But Worth It if You Have the Resources”

For the past few months the challenges facing the country’s medical infrastructure has been all over the news. Mostly these issues have focused on medical supplies and capacity, but as with any organization the IT needs of these medical facilities are also of the utmost criticality.

Digital Edge is proud to announce that they have achieved AWS Level 1 Managed Security Service Provider Competency Status.  This designation recognizes that Digital Edge has successfully met AWS requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 Managed Security Services.

This new baseline standard of quality for managed services was introduced by AWS to benefit cloud environments of any size and it spans six security domains: vulnerability management, cloud security best practices and compliance, threat detection and response, network security,host and endpoint security, and application security. The six domains contain multiple MSSP services, each with technical skill set and operational process requirements specific to AWS. 

To read the full press release click here: 

Lately, and for good reason, the top thing on people’s minds has been the COVID-19 Coronavirus. Any change from normal operations will inherently be less secure, because often the processes are unfamiliar and have not been ironed out to the extent that a company’s normal operations have been. In a situation like we are facing now, with widespread teleworking, a company’s prime security concern should be the correct implementation of a strong teleworking policy.

Keith Barry explains the importance of being a risk driven IT organization and breaks down the 7 steps of how to successfully become one. Based off of the full article online: https://knowledge.digitaledge.net/compliance/risk-driven-information-technology-organization/

“Don’t Forget About Negligence – It Hasn’t Forgotten you”

How do you advise clients to navigate all these new cybersecurity laws that vary by jurisdiction?

in my personal opinion, potentially unconstitutional. 

New York has enacted the SHEILD Act to better protect residents of their private information against data breaches. The Act takes effect March 21st, 2020. Luckily, our VP of Compliance covers all the necessary topics in regards to this law. This month, we cover everything you need to know about this law and how to stay in compliance with it! 

This edition we answer:

• What does SHIELD stand for?
• What do I need to do to comply?
• What is considered "Personal Information"?
• What are "reasonable" data security requirements?
• Would the SHIELD Act include any exceptions for small businesses?
• What are the proposed penalties for noncompliance?
• How can DE help me stay in compliance?

In the beginning of the year, we came out with an article discussing GDPR- one year since passing. It was clear that GDPR wasn't something to be taken lightly as the fines stacked up for many companies. Now we have the visual proof.