Compliance is a hot topic as businesses race to move to the cloud.
Here are six things you shouldn’t ignore about compliance.
1. Compliance doesn’t apply only to large organizations.
With the changes occurring in the world, laws and regulations can even put small companies at risk. No matter what industry you operate in or what size business you have, if you accept card payments and process, transmit and store cardholder data, you must host your data securely with a hosting provider that is PCI compliant.
2. Compliance failure can put you out of business.
Around 67% of the cost comes in the first year, around 22% comes in the next 12 to 24 months, and the final 11% comes more than two years later.
3. Weak credential policies make you high risk.
80% of today’s data breaches are caused by default, weak, stolen, or otherwise compromised credentials.
4. Proper compliance training for your employees is key.
Investment in staff takes many forms, and training is just one of them, but regrettably, this is one area that is all too often first in line for budget cuts whenever a firm is looking to make economic efficiencies.
5. Electronic protected health information is everywhere!
The top two security threats that most worry healthcare IT professionals are: employee-owned mobile devices being used to access ePHI (76%), and any mobile devices accessing ePHI without the proper security installed (72%).
6. Cyber coverage doesn’t completely cover you.
Paper records are covered, like those (old) employment applications, personnel and customer files, credit card receipts (with carbons) that are used if systems go down, etc.
So it’s not just a laptop that goes missing with data, or a hack, that can be covered. What about that storage unit full of old company files that was long forgotten, then sold at auction? Where are the records now… somewhere? The policy could respond to cover defense costs, damages, etc. related to that loss too.