October 2020: Compliance Certification Roundup

Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks.

Here’s our October 2020 roundup of recent compliance news from around the United States and the world.

PCI Certification 

PCI certification and compliance are two different, but related, designations.

PCI certification is a more rigorous process. It involves an intensive audit performed by a Qualified Security Assessor (QSA).

PCI compliance means a company follows best practices to help protect Cardholder Data (CHD), in line with the guidelines set by the PCI Council.

ISO Certification 

ISO standards concern many industries. The three primary ISO standards that help organize compliance for companies looking to create IT programs are ISO 27001, ISO 31000, and ISO 9001.

SOC 2 Certification

SOC 2 concerns all organizations and enterprises providing services that process and store customer data. SOC 2 reports are based on five Trust Services Criteria: security, availability, confidentiality, processing integrity, and privacy.

FedRAMP Certification

The Federal Risk and Authorization Management Program (FedRAMP) is a government program that determines if the cloud products and services offered by cloud service providers are secure enough to be used by federal agencies.

  • In September, Infoblox Inc., Santa Clara, California, a leader in secure cloud-managed network services, announced that BloxOne Threat Defense Federal Cloud has achieved “In Process” status for the Federal Risk and Authorization Management Program (FedRAMP). Read more about Infoblox’s certification.
  • In September, Mimecast Limited, Lexington, Massachusetts, a leading email security and cyber resilience company, achieved FedRAMP “Ready” status, a precursor to becoming fully FedRAMP authorized. Read more about Mimecast Limited’s certification.
  • In September, eGain, Sunnyvale, California, a provider of customer engagement solutions, announced that it has achieved “in process” status on the FedRAMP Marketplace. Read more about eGain’s certification.

HIPAA Compliance

Compliance with the Federal Health Insurance Portability and Accountability Act (HIPAA) ensures that health care organizations protect the privacy, security, and integrity of protected health information.