For many administrators, compliance in the Information Technology sector is an unfamiliar topic, but in today’s environment it is something that needs to be understood and implemented carefully. Compliance in IT is a recommended set of guidelines, standards, and processes that are adhered to due to industry regulations and government laws.
What are the most common compliance standards?
Sarbanes-Oxley – ensuring that financial systems are properly secured from hacking, modification, and loss of data
COBIT – best practice framework for IT governance and management
HIPAA – set of standards for protecting sensitive patients’ medical data.
- Physical security – secure data center with access control, secure access to workstations
- Technical security – unique user IDs, strong passwords, automatic log off policies, data encryption
- Policy – controls and measures to confirm that data is not altered or destroyed, with key disaster recovery policies and offsite backup measures in place
- Network security – protect against unauthorized access of data (i.e., email, internet, private network, and private cloud)
PCI – standards set in place to ensure that all companies process, store, and transmit credit card information securely.