Blog

CCPA Compliance 101: Consumer Verification

Michael Lyons
February 6, 2020

Aptible’s CCPA Compliance Guide provides a useful overview of what CCPA compliance means for startups, and this blog post complements it by diving into a central topic of the CCPA: consumer-request verification. The CCPA is pretty specific about how you should verify the identity of a requester, and in this blog post we’ll outline the various ways in which you can verify a consumer’s identity.

News & Updates

Creating a Risk Management Program from Scratch

Michael Lyons
February 3, 2020

Risk management is a crucial part of your Security Management program. It is the process of identifying, assessing, and mitigating the unique data security and privacy risks your organization faces. You should start the risk-management process after you settle on the scope of your Security Management program. This way, you can accurately determine what company-specific risks you might encounter. Until you scope your program, you won’t really know what you need to worry about.

News & Updates

What Is Security Management and How Can I Use It to Transform My Business?

Michael Lyons
January 16, 2020

What Is Security Management?

News & Updates

Automating Your Asset Management

Chris Gomes
November 20, 2019

There’s a common security adage that goes “You can’t protect what you don’t know,” and so it’s no surprise that an accurate and up-to-date Asset Inventory is critical to the operation of a Security Management program. The ISO/IEC guidance for implementing an ISMS, for example, recommends starting with “assets with their intrinsic vulnerabilities” as the foundation of your risk assessment; similarly, Asset Management is required in one form or another by SOC 2, HIPAA, and GDPR.

News & Updates

Streamlining Your Vendor Management

Chris Gomes
November 13, 2019

For companies trying to improve their security posture and build trust with their customers, it can be difficult to balance effective security processes with efficient ones. Vendors in particular can pose serious challenges for security management programs: their risks are your risks, and it can be onerous to perform proper diligence on them. Major frameworks like ISO 27001, SOC 2, HIPAA, GDPR, HITRUST, and NIST CSF often have clear but burdensome requirements around Vendor Management, involving:

News & Updates
