COVID-19 has changed how we work, and as the first third of 2021 comes and goes many IT and cloud companies have adapted. However, companies that still need to undergo SOC 2 attestation, or who still have not done so for one reason or another, might find the current challenges of auditing and compliance under pandemic restrictions intimidating. 

Here, we’ll discuss an overview of some of the challenges that might come up during SOC 2 attestation during COVID-19. Rather than seeing these challenges as hopeless, we believe that, with the right security partner, they are easily dealt with as part of getting back to business. 

Read More

Government work is the new and lucrative frontier for IT and cloud providers, and part of its competitiveness is the rigorous requirements for service providers that weed out those who aren’t prepared for such work, leaving effective and professional outfits that can function at a high-level and provide services that other companies can’t. 

While many providers know about standards like FedRAMP or NIST requirements, not many know about CMMC. This relatively new framework impacts IT and cloud providers who want to work with agencies under the Department of Defense (DoD) but provides a clear picture of the requirements these providers must meet to work with sensitive data.

Read More

Part of StateRAMP compliance certification is the practice of continuous monitoring, where Cloud Service Providers (CSPs) and Third-Party Assessment Organizations (3PAOs) work together to ensure secure cloud environments that meet requirements for data protection. 

Read More