Compass IT Compliance Blog

Cyber Incidents - Not if, but When (And When Just Happened)

For those of us in information security or cybersecurity, we have long said that it is not a matter of "if" but a matter of "when" you will be impacted by a breach or an incident. Over the last several weeks, we have seen "when" happening more frequently.

How Long Is A SOC 2 Certification Good For?

SOC 2 (System and Organization Controls 2) reports provide service organizations with a way to demonstrate their commitment to security, availability, processing integrity, confidentiality, and privacy. These reports provide assurance to clients and stakeholders that the service organ …

How Often Should a SOC 2 Report Be Updated?

Given the dynamic nature of cybersecurity threats and regulatory requirements, understanding the frequency of SOC 2 report updates is essential for maintaining compliance and ensuring continuous protection. In today's fast-paced landscape, organizations must be proactive in managing t …

What to Do if Your Elderly Parent Is Being Scammed

Scams targeting seniors are on the rise, as fraudsters increasingly exploit the vulnerabilities of older adults. Many individuals are now seeking effective ways to protect their elderly parents from these malicious schemes, aiming to safeguard their financial security and well-being. …

Penetration Testing: Black Box vs. White Box vs. Gray Box

Penetration testing, or pen testing, is a critical practice for assessing and fortifying the security of networks, software, and services. Various types of pen testing, including black box, white box, and gray box testing, each offer distinct perspectives and insights. These diverse m …

How Small Businesses Can Mitigate Cyber Risks

What drives business success today? While there are many answers to this, one common response that applies to every industry is technology. From streamlining operations to enhancing customer engagement, the benefits are undeniable. However, as businesses increasingly rely on digital t …

Understanding SOC 2 Audit Opinions: An Auditor’s Perspective

Service Organization Control 2 (SOC 2) reports are relevant for service organizations to demonstrate their commitment to data security and the effectiveness of their internal controls. SOC 2 reports come with audit opinions provided by independent auditors, which offer insights into h …

What Is a Firewall? Definition & Best Practices

At the forefront of this cybersecurity arsenal stands the firewall—an indispensable component for network security. But what exactly is a firewall, and how does it protect our digital resources? In this blog post, we explore the role of firewalls in information security, discussing th …
