10/18/2018

October is National Cyber Security Awareness Month. Now in its 15th year, this annual initiative has been focused on creating a “collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats”.

Each week of the month is dedicated to education around a different security topic. Week two is focused on learning about the risks, the advantages and the differences between compliance and security.

Compliance: A set of controls or framework determined by governmental, non-profit or industry groups that serves as a blueprint for the security of data. The regulatory organizations that govern compliance standards issue them as a minimum bar for security. Enforcement is established through audits or assessments that are either self-administered or coordinated by a third party.

Why is compliance important?

  • Builds and maintains trust with your clients and drives new business
  • Helps define why people should do business with you
  • Helps define how you do business
  • Enhances consistency within your operations, which in turn reduces errors

Security is the collection of administrative processes and technical and physical controls that safeguard data. Effective security requires threat identification and proactive protections, as well as active monitoring and analysis of the multiple layers of environments.

What security measures are there?

  1. Physical
    1. Access Controls
    2. Video Surveillance
    3. Environmental
  2. Logical
    1. Passwords
    2. Firewalls
    3. Data Encryption
  3. Social Engineering
    1. Awareness
    2. Training
    3. Limited Information

So, why do we need both compliance and security?

Despite their differences, both are essential for processing, hosting and managing sensitive regulated data. You should be:

  • Making security and compliance part of regular operations
  • Making risk assessment an ongoing process, not a once-a-year exercise
  • Regularly reviewing and auditing your internal controls and processes

Security must be your foundation.

Being either secure or compliant doesn’t mean that you are covering both bases. Checking off all your compliance boxes won’t cover all your security needs. To be both secure and compliant, you need a holistic approach to security management. If you have an effective security strategy you will, consequently, end up
