The Differences Between SOC 1 vs SOC 2

Confusing a SOC 1 audit with a SOC 2 audit is easy. While both compliance frameworks attest to the controls used within your organization, the frameworks differ in focus. SOC 1 looks at your organization’s financial reporting, while SOC 2 focuses on how you secure and protect customer data. This blog post explores the differences between SOC 1 and SOC 2.
4 Steps To Work Remotely While Maintaining Security | Remote Access Policy

The purpose of a Remote Access Policy is to keep your employees productive from anywhere without sacrificing security.
Workstation Security Policy Best Practices

In the workstation security policy, you will define rules intended to reduce the risk of data loss/exposure through workstations.
Encryption Policy Best Practices | TLS vs SSL

You wouldn’t leave the house without making sure your doors and windows were locked, and that any valuables were hidden or secured in a safe. That way, if you were robbed, the burglar would have a difficult time accessing your most precious assets. In the same way, you need to make sure your organization’s critical data is well protected.
4 Things to Consider When Writing a Data Center Security Policy

Should you host data on-premises or in the cloud? Who is responsible for security? The company that owns the data, the cloud provider, or both?
Best Practices When Writing Your Access Onboarding & Termination Policy

It's easy to focus on cybersecurity threats like social engineering and phishing. However, internal threats, such as human error and disgruntled employees, can be just as dangerous - and are often overlooked. A mature onboarding and termination policy that leverages least privilege access is essential to preventing a data breach.
Best Practices when Creating a Business Continuity Policy

A Business Continuity Policy is critical to your information security program & defines the critical steps your employees need to take after a disaster.
How to Reply to a Request for Information (RFI) Request | A Practical Guide

Take a deep breath - you’ve got this. Once your blood pressure is back to a reasonable level, start by looking at the RFI itself and ask yourself some questions.
What is a SOC 2 Report: A Breakdown

A SOC 2 report focuses on the controls a company uses to protect customer data, as well as the operational effectiveness of those controls.
How Long Does It Take To Complete a SOC 2 Audit

This post will help plan and manage time expectations and establish a timeline of deliverables - working backward from your SOC audit start date.
FISMA vs FedRAMP, NIST vs ISO, SOC 2 vs HIPAA, ISO27001 vs SOC 2: Which Compliance is Right for Me?

FISMA vs FedRAMP, NIST vs ISO, SOC 2 vs HIPAA, ISO27001 vs SOC 2. The differences between these and which compliance is right for you.
Information Security Policy Best Practices

It’s important to keep your Information Security Policy high level. Here are some key points your information security policy should include.
4 Important Considerations When Writing Your Cyber Risk Management Policy

The cyber risk management policy answers this question: “What is our risk management philosophy and methodology based on our landscape?”
Data Classification Policy Best Practices

A data classification policy provides a way to ensure sensitive information is handled according to the risk it poses to the organization.