10/18/2018

October is National Cyber Security Awareness Month. Now in its 15th year, this annual initiative has been focused on creating a “collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats”.

Each week of the month is dedicated to education around a different security topic. Week two is focused on learning about the risks, the advantages and the differences between compliance and security.

Compliance: A set of controls or framework determined by governmental, non-profit or industry groups that serves as a blueprint for the security of data. The regulatory organizations that govern compliance standards issue them as a minimum bar for security. Enforcement is established through audits or assessments that are either self-administered or coordinated by a third party.

Why is compliance important?

  • Builds and maintains trust with your clients and drives new business
  • Helps define why people should do business with you
  • Helps define how you do business
  • Enhances consistency within your operations which in turn reduces errors

Security is the collection of administrative processes and technical and physical controls that safeguard data. Effective security requires threat identification and proactive protections, as well as active monitoring and analysis of the multiple layers of environments.

What security measures are there?

  1. Physical
    1. Access Controls
    2. Video Surveillance
    3. Environmental
  2. Logical
    1. Passwords
    2. Firewalls
    3. Data Encryption
  3. Social Engineering
    1. Awareness
    2. Training
    3. Limited Information

So, why do we need both compliance and security?

Despite their differences, both are essential for processing, hosting and managing sensitive regulated data. You should be:

  • Making security and compliance part of regular operations
  • Making risk assessment an ongoing process, not a once-a-year exercise
  • Regularly reviewing and auditing your internal controls and processes

Security must be your foundation.

Being either secure or compliant doesn’t mean that you are covering both bases. Checking off all your compliance boxes won’t cover all your security needs. To be both secure and compliant you need a holistic approach to security management. If you have an effective security strategy you will, consequently, end up
