The Schellman Blog
Stay up to date with the latest compliance news from the Schellman blog.
Co-authored with Kurt Long from Fairwarning and originally published on informationsecuritybuzz.com. Today’s modern CRM systems are vital to your business’ success. CRM data now holds every aspect of your business’ proprietary information, from corporate intelligence to sales data, as well as your customers’, from buying patterns to PII. A data breach to your CRM could be devastating to your organization, resulting in lawsuits or irreparable harm to your brand’s reputation and customer trust. With so much at stake, here is what you need to know to protect your CRM.
FISMA | Cloud Computing | FedRAMP
Originally published on www.meritalk.com. The Federal government is the leading creator, collector, consumer, and communicator of information in the United States. If there are changes to its regulatory requirements, it is entirely possible those changes will eventually spread into the commercial sector. Such is the case with two related risk management programs developed by the Federal government that now require commercial organizations working contractually with the Federal government to employ Federal security standards.
“Is the cloud secure?” In this day and age, the topic of security places itself at the apex of all information technology discussions, and is the single greatest influencer for organizations considering making the jump to the cloud. It’s no surprise that businesses have concerns regarding cloud security. After all, some of the highest-profile data breaches have occurred in the cloud arena.
Cloud Computing | Compliance and Certification | BrightLine
Implementing a new compliance initiative is one of the biggest challenges companies and compliance officers face. Many times, employees see new compliance initiatives as a response to something that went wrong. However, in reality, most new compliance initiatives are the result of changing laws, regulations, company contracts and meeting best practices. If you plan to launch a new compliance initiative in 2016, here are some key tips to help ensure it takes root.
FISMA | Cloud Computing | FedRAMP
Originally published on www.fedrampfastforward.com. BrightLine works with many cloud service providers (CSPs) that have built successful businesses by providing services to the private sector. With that growth, not to mention the CloudFirst mandate, many of these CSPs are taking a much closer look at the potential to work with the Federal government. Today, part of the price of entry is compliance with the Federal Risk and Authorization Management Program (FedRAMP).
Complimentary CSA STAR Program Webinar by Schellman
SOC | Cloud Computing | News | ISO 27001 / 27002 | ISO Certifications
Via Marketwired. Today, the Cloud Security Alliance (CSA) and the American Institute of CPAs (AICPA) issued the guidelines for CPAs who plan on conducting Service Organization Controls (SOC) 2 engagements in conjunction with the CSA’s Cloud Control Matrix (CCM). This new hybrid attestation standard is known as the CSA Security and Trust & Assurance Registry (STAR) Attestation. Along with that, the CSA website now includes a listing of approved firms for STAR Attestation, which includes Schellman. In addition, Schellman has also been approved to provide STAR Certification services to clients.
Via FCW.com. The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessments, authorizations, and continuous monitoring for cloud products and services. FedRAMP is meant to replace the current process by which federal agencies assess low and moderate baseline third-party cloud service provider systems prior to procurement. Preceding FedRAMP, individual agencies managed their own assessment methodology following guidance loosely set by the Federal Information Security Management Act of 2002 (FISMA).