Security and compliance company SecurityMetrics has targeted deficient security practices with two new audit services.
The audit services, which are for PCI and HIPAA, were recently awarded for information security excellence by Info Security Products Guide.
The security company explained that “without regular network security audits to provide in-depth and unbiased critiques of an organization's true security posture, many organizations fall back into poor data security habits that could result in a widespread data breach”.
The PCI audit service is required for organizations that process over one million transactions annually.
"We don't believe in a 'PCI audit checkbox process', because every merchant deserves a comprehensive look at their unique environment that leads to successful remediation," said Gary Glover, director of security assessment at SecurityMetrics. "That's probably why over 90 percent of our audit customers return each year."
SecurityMetrics recommends all business associates and most healthcare entities undertake a HIPAA audit service. This should help healthcare entities complete their risk analysis to identify potential security threats and create a prioritized risk management plan.
"Most HIPAA audit services focus too much on privacy and neglect essential data security," said Tod Ferran, security analyst at SecurityMetrics. "Our auditors are trained in the art of compliance and data security to assist in accurate HIPAA compliance, expedite vulnerability remediation, and most importantly, secure the patient data entrusted to that entity."
SecurityMetrics, Auudit Services, HIPAA, US