SOC 2 compliance does not have a strict list of "required" CIS Controls. SOC 2 is based on the AICPA Trust Services Criteria (TSC) — primarily the Security criterion (which is mandatory), with optional additions like Availability, Confidentiality, Processing Integrity, or Privacy depending on your clients' needs.

SOC 2 compliance demonstrates that your organization has strong controls in place to protect customer data—focusing on security, availability, processing integrity, confidentiality, and privacy (known as the Trust Services Criteria or TSC). For smaller businesses like many of our clients, it's often a key requirement to win enterprise contracts, meet cyber insurance needs, or build trust with partners.

The Securities and Exchange Commission (SEC) has introduced updated cybersecurity risk management rules, initially proposed in February 2022. These regulations, which apply to investment advisers, registered investment companies, and business development companies, require entities categorized as “advisers” and “funds” to comply with enhanced cybersecurity measures.

The notion that U.S. employers would engage in broad-scale temperature screening of employees would have once been essentially unthinkable.  But the realities of COVID-19 are changing the workplace, as least for the time being.  With the encouragement of the Centers for Disease Control and Prevention (“CDC”) and some state and local governments, and in light of the blessing of the Equal Employment Opportunity Commission (“EEOC”), more employers are now considering the implementation of daily temperature screening[1]before employees enter the workplace.

In light of concerns about the spread of the novel coronavirus in the workplace, employers are confronting important questions pertaining to the screening of employees for COVID-19 symptoms, including as it pertains to taking employees’ temperatures: May (or must) we screen employees for fevers, and if so, how should we implement such a practice?

(more…)

In the past week, we've received several inquiries about managing remote staff. As companies around the globe grapple to address coronavirus and the workplace, managers who have never led a distributed workforce before are facing the very real likelihood of an immediate crash-course in remote management.

At BizCare, we help you track the key factors that affect air quality: chemicals, dust, CO2, humidity, and temperature. The first on the list sounds a bit ambiguous--which “chemicals” are we even talking about? The chemicals in your air that we’re most interested in are commonly referred to as VOCs, and we have quite a bit to say about them.

A lot of press has been given to green computing lately, much of it talking about green data centers. While you may applaud the fact that Dell, Google, HP and others are putting plans into action to reduce energy consumption, you may have a lot of trouble identifying with the whole ‘data center’ discussion.

The full-time corporate office where everyone is in the same building all day, every day, is clearly a thing of the past. IT Service Providers are fully engaged with supporting mobile work and, in many respects, is leading the way in helping the organization to increase productivity, enable more effective customer support, attract and retain talent and increase corporate agility.