Government agencies and contractors in the supply chain face threats every single day. If you haven’t read the news lately, our national infrastructure and data systems face significant challenges in maintaining the security and integrity of their devices, applications and network resources. When agencies and contractors want to connect to any sensitive system, the Department of Defense requires that they utilize the Assured Compliance Assessment Solution (ACAS).

This suite of vulnerability scanning software provides passive and active search capabilities that promote high levels of network security and compliance while standardizing these tools for organizations no matter where they are at. 

Read More

As Cloud Service Providers (CSPs) work with State agencies, many of them are undergoing StateRAMP certification. Fortunately, StateRAMP is much like FedRAMP in that it follows several of the same guidelines, requirements, and process structures.

Here, we’ll break down one of the basic aspects of StateRAMP Impact Levels. The StateRAMP Impact level directly relates to the security required from an agency, and the kinds of controls that a CSP must implement. 

Read More

HIPAA compliance can be one of the most challenging tasks a company undertakes, and failure to comply is the most impactful and punitive in terms of fees and penalties. Many new organizations getting into  compliance might, in turn, feel overwhelmed by the requirements of the framework and the three primary HIPAA rules.

Here, we’ll breakdown the basics of HIPAA compliance for new organizations and what they need to think about in preparing for a compliance strategy. 

Read More