Services providers in the government and retail sectors face compliance duties — the Federal Information Security Management Act and the Payment Card Industry Data Security Standard (PCI), for example. The same holds true in healthcare, where the Health Insurance Portability and Accountability Act (HIPAA) sets a data protection standard for healthcare providers and health plans (“covered entities” in HIPAA jargon) as well as their business associates. The business associate label applies to companies whose business with providers and plans involves working with protected health information (PHI). Data processing is one such business. This regulatory environment has created a niche for HIPAA-compliant hosting.
add a comment
Health Care Organizations Seek HIPAA-Compliant Hosting
Posted December 1st, 2011 by John Moore
New PCI Standard: MSPs Deal With Semantics
Posted December 6th, 2010 by John Moore
Sometimes an MSP’s job is semantical as well as technical. Take the latest version of the Payment Card Industry Data Security Standard (PCI DSS 2.0), which has been out for a few weeks now. MSPs say the standard clarifies the language of the previous iteration, which had some enterprises confused. The PCI standard prescribes security measures for businesses that handle customers’ credit card data. The PCI Security Standards Council, which manages the PCI DSS 2.0 standard, said most of the changes in the new version “are modifications to the language, which clarify the meaning of the requirements and make adoption easier for merchants.” Here’s the update.
Alert Logic, Tenzing Managed IT Services Team On Security
Posted October 20th, 2010 by John Moore
Alert Logic has been backing SaaS — rather than on-premise gear — as the path for channel partners seeking to add security services to their offerings. The company positions itself as a alternative to partnering with a managed security services provider (MSSP), which Alert Logic chief executive officer Gray Hall has characterized as a business model in decline. A data point supporting this view comes from Alert Logic’s recent teaming arrangement with Tenzing Managed IT Services. Here are the details.
CipherOptics: Easing PCI Compliance For Public Networks?
Posted August 4th, 2010 by Dave Courbanou
In recent months, we’ve heard from a range of MSPs and hosting providers that have embraced PCI compliance to win new business. Building on that theme, CipherOptics is promoting Virtual IP technology that allegedly allows service providers and customers to secure PCI regulated data over public and private networks. Here’s some insight on the effort.
Citrix Targets MSSPs, Cloud Partners with App Firewall
Posted March 4th, 2010 by Joe Panettieri
Managed security service providers and cloud vendors for about the past year have been broadening their offerings to include application firewalls. Against this backdrop, Citrix Systems Inc. this week rolled out a line of application firewalls, targeting MSSPs and cloud providers as well as enterprise customers. Here’s some background.
Managed Security Add-on: SIEM
Posted June 11th, 2009 by John Moore
Looking to differentiate your managed security services? One potential way to do so is to evaluate security information and event management (SIEM) appliances. Here’s what they do.
Envysion: Managed Video Service Meets PCI Compliance
Posted July 22nd, 2008 by Joe Panettieri
Back in January, I noted a growing number of managed service providers are embracing PCI DSS (Payment Card Industry Data Security Standard). Now a quick update: Envysion, which specializes in managed video as a service, says it has passed its PCI-DSS certification audit.
