Tag: SOC 2

What is ISO 27001 compliance?

Posted on August 21, 2018 by

First introduced in 2005, the ISO family of standards for managing information security has received more attention lately in the wake of increasing data breaches and security lapses. However, they’re still not as popular as HITRUST or SOC 2 audits, so in this post, we’ll specifically discuss ISO 27001, who it affects and what compliance means for your organization. What is ISO 27001? ISO 27001 is a compliance regulation such as PCI or HIPAA. There are about a dozen standards within …

Introduced in 2011, Service Organization Control (SOC) reports are becoming more and more popular in data security and compliance discussions with every passing year, especially SOC 2. But what is a SOC report? Which one do you need? Why is a SOC 2 report so important? Do you actually need it, or is it something that just looks good on paper? There are three types of SOC reports, but we’ll mainly talk about the second one for now, which is “designed …

When you create a list of who you’re thankful for, your auditor may not jump to the top of your list. After all, isn’t that who asks for all those mountains of documents and relentlessly asks those probing questions? Let’s face it: the relationship between a business and an auditor can be a contentious one. The high price of reports, resources spent compiling the information and remediating any issues can be more than enough to give any CXO heartburn and …

Although SAS 70 (Statement on Auditing Standards) has been dead for quite some time now, we’ve found that those lagging in the health IT industry may still be confused about why SAS 70 is no longer the audit to look for when it comes to ensuring security with a cloud hosting provider. In fact, false information about SAS 70 as a qualifier for cloud computing security supporting the healthcare industry is still an issue. Some suggest that SAS 70 is …

Online Tech’s Director of Operations and previous Crain’s Detroit CIO of the Year, Jason Yaeger, is presenting today at the 7×24 Exchange Southern California Chapter’s meeting, Data Center Compliance – It’s Mission Critical! As Online Tech’s Risk Management and Security Officer, Jason has had experience leading the company through the successful completion of SAS 70 Type I, SAS 70 Type II, SSAE 16, HIPAA and PCI. Where: T5 Data Center, El Segundo, CA Time: 3:30-6PM Date: Tuesday, April 23, 2013 …

If you’re searching for a new colocation provider or simply need to update your requirements for the new year, read on for a list of priority questions to ask potential or existing providers to ensure they’re operating at the highest level of security and efficiency. The last thing you want to deal with is finding out they’re not up to par only after something goes awry and your company is suffering from prolonged downtime and outages. Many audits and compliance …

Google Analytics is your best friend at year’s end to find the top trending topics of your blog or website – so I thought I’d share a bit of the gold with everyone to help guide them through next year. Ease your data center audit and cloud computing concerns (they can be harrowing, I know) and learn a thing or two from our expertly written and researched articles receiving top hits in 2012: SAS 70, SSAE 16, SOC 2 and …

An update from Online Tech’s President: As we roll into spring, Online Tech continues to raise the bar on the security, reliability and compliance of our data centers and services.  Here is a brief list of some of the capabilities we’ve added over the first four months of this year: Audits and Compliance: As you may know, we continue to invest heavily to ensure we meet the highest level of data center standards.  In the recent months, we’ve successfully completed three …

I think the title says it all. Again and again, I come across blogs, press releases, articles, white papers; all types of media spouting the same story: Check your service provider’s SAS 70, Type II report, as that’s a great indicator of whether or not you should host your sensitive patient information in their data centers. Where is the logic in this? Although we have many resources and blog posts about SOC 2, SSAE 16 and other audits/reports, and what …

Last Chance: SSAE 16 & SOC Webinar

Posted on February 14, 2012 by

It’s your last chance to sign up for our free, informative webinar today at 2 P.M. ET with David Barton, Jon Long and Online Tech’s Risk Management & Security Officer Jason Yaeger for a discussion to help clarify data center audit standards and assessments. Register for our free webinar Tuesday, February 14, 2012 (today) from 2-3pm ET to discuss the differences between AICPA’s (American Institute of Certified Public Accountants) SOC (Service Organization Controls) audits and reports, other types of audits, and the difference between …

Get started now. Exceptional service awaits.

Live Chat