Security Framework Overview

Compliance

Security and Compliance Overview

RegulationsToday’s environment brings increasing regulation to our customers. While this may be viewed as tedious, we hope to deliver value as we provide compliant solutions.

Global Data Vault enables compliance with a variety of standards and regulations including those listed below. Our compliance is accomplished through physical controls, logical controls, and to a large degree through policy controls.

As you evaluate working with Global Data Vault, we’ll share more details about the actual controls in place. We can also review our controls compared to your needs outside the regulations and standards listed here.

 

Acronym Name Promulgated Authority Applies to
HIPAA Health Insurance Portability and Accountability Act US Federal Law Regulation Companies that keep any patient health information
PCI Payment Card Industry Companies that issue credit cards Standard Companies that store credit card numbers
NIST National Institute of Standards and Technology US Federal Government Standard US Federal Government entities and their vendors
DFARS Defense Federal Acquisition Regulation Supplement US DoD Regulation Companies serving the US DoD
GDPR General Data Protection Regulation European Union Regulation Companies that store data about any EU citizen
SOX Sarbanes-Oxley US Federal Law Regulation US companies with publicly traded securities
SSAE 16 SOC 1 / SOC 2 Statement on Standards for Attestation Engagements / Service Organization Controls American Institute of Certified Public Accountants (AICPA) Standard Data center operational controls

The Case for Office 365 Backup

In the wake of Microsoft's September 4 - September 5 South Central U. S. outage for Office 365 and Azure, it's worth asking, should you be concerned with backup of your Office 365 data? It's your data, and while Microsoft normally does a good job with protecting it,...

Counting down the worst cyber security breaches of 2018 – #4

Fitness apparel manufacturer Under Armour gave us a good example of how companies can try to protect their user’s data but often fail to fully cover everything that needs protecting. The information that was stolen from Under Armour is minor compared to some of the...

Global Data Vault’s Mid-Year Count-Down of the Worst Cybersecurity Breaches

Number 5: VPNFilter More and more, our business environments are connected to the cloud. The transmission of data and the speed to which it can be accessed is critical to business intelligence and competitive advantage. When that data becomes attractive to hackers,...