ISO 27017 Certification Overview

Dec 18, 2021 Lazarus Alliance 0 Comment

About ISO 27017

ISO/IEC 27017 is a unique technology standard in that it provides requirements for the customer as well as the cloud service provider. IT Managers and other technical staff responsible for moving organizations to the cloud or expanding a cloud service engagement can reduce risks to their business by ensuring they understand their responsibilities and make more insightful decisions around their choice of providers.

Used with ISO/IEC 27001 series of standards, ISO/IEC 27017 provides enhanced controls for cloud service providers and cloud service customers. Unlike many other technology-related standards, ISO/IEC 27017 clarifies both party’s roles and responsibilities to help make cloud services as safe and secure as the rest of the data included in a certified information management system.

We are the Perfect Proactive Partner

Dec 17, 2021 Lazarus Alliance 0 Comment

Lazarus Alliance Provides Audit & Compliance and Regulatory Support

Lazarus Alliance Partnering Provides Audit & Compliance and Regulatory Support

You have customers working with you today who need or demand additional support for their own compliance, risk, governance and cybersecurity programs.

Maybe your firm is a Public Accounting Firm and your clients work with you on taxation, but they also require a SOC 1, or SOC 2 which you do not provide. Rather than them begin a search for a provider, who may offer everything they require, why not choose Lazarus Alliance Partnering to support your customer together?

MSP partners frequently host and support clients with preparedness and readiness services, however, these same customers also require completing those certifications and attestations such as StateRAMP, FedRAMP, SOC 2, NIST 800-53, ISO 27001, and many others. Work with Lazarus Alliance Partnering to support your customers, offering turnkey solutions which increases your billable time, all the while improving retention.

What Are FIPS 199 and FIPS 200 and, How Are They Related?

Dec 2, 2021 Lazarus Alliance 0 Comment

There are several compliance standards for federal and defense cybersecurity. CMMC, FedRAMP, the Cybersecurity Framework (CSF) and the Risk Management Framework (RMF) all serve critical functions in protecting government IT systems and associated vendor products and services.

Behind all of these frameworks are crucial security publications, each one serving a particular purpose in defining the practices, controls and procedures that organizations can use to meet their compliance demands. We’ve previously covered such documents as NIST 800-53 and NIST 800-171, showing how these documents play a role in national cyber defense.

In this article, we’ll discuss two more guidelines: Federal Information Processing Standard (FIPS) 199 and FIPS 200.