Security News

Your company takes compliance and security very seriously, but you've no idea what or how to layer on top of AWS's existing security and compliance protocols to achieve levels necessary for compliance certification. In this case and others, passing a compliance audit may prove particularly problematic even though your company is committed to performing at or above baseline legal requirements.

Onapsis announced the general availability of support for SAP SuccessFactors in The Onapsis Platform. "SaaS applications such as SuccessFactors can introduce new risk into the business-critical application environment if security parameters are not continuously assessed to maintain a strong security posture," said Marty Ray, Chief Information Security Officer at Fossil Group.

Very Good Security has further cemented its commitment to securing the world's information by empowering organizations to prepare for their first SOC 2 audits completely free with VGS Control. VGS employs a fundamentally different approach to data security and compliance, which drastically improves an organization's ability to seek and maintain SOC 2 compliance using VGS Control.

PlusOne Solutions launched its open Application Programming Interface for Customers looking to create a unified method for managing their Service Network compliance data and compliance programs. The PlusOne Solutions API allows for the communication of multi-layered compliance information including Contractor, sub-contractor, and contractor employee levels to ensure a full view of the network's compliance and risk information.

Thirteen years, one institutional investor and two acquisitions later, it offers a unified platform that helps general counsel and chief legal officers manage challenges related to e-discovery, data privacy compliance obligations, Data Subject Access Rights, digital forensic investigation and so on. Legal plays a critical role in ensuring that all compliance obligations are met, and overall risk to the organization is mitigated.

VigiTrust launched new Asset Register, Risk Register and Dynamic Assessment features on its flagship platform, VigiOne. The platform now expands its reach to cover the steps before compliance management: namely, answering the questions, "What are the risks my organization faces, and what can I do about those risks?" to help create a Continuous Compliance Program.

Belkin announces an entirely new portfolio of Secure KVMs designed for National Information Assurance Partnership Protection Profile 4.0 compliance. Belkin's portfolio consists of the Universal 2nd Generation Secure KVMs as well as the Modular Series of Secure KVMs. Combined, the two platforms give government agencies an unprecedented level of flexibility in designing their environments and equipping employees with the exact value and functionality needed for the mission.

Security is important in any organization, but getting employees to follow protocol can be a challenge. Oh, these people who are using insecure passwords, clicking open phishing emails and installing malicious apps-why don't they understand? We'll show them, right? If you don't follow the security protocols, you're in for it.

Security is important in any organization, but getting employees to follow protocol can be a challenge. Tom Merritt offers five reasons why using fear-based motivation techniques is not ideal.

CyberSheath launched its Managed IT Services for Defense Contractors to ensure compliance with the new cybersecurity standards for commercial contractors of the United States government. The managed services include a Shared Security Compliance Framework to ensure compliance for both DFARS Clause 252.204-7012 / NIST SP 800-171 and the new DFARS 252.204-7019-7021 CMMC requirements.