Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » Generic » Cybersecurity – Shared Responsibility

Cybersecurity – Shared Responsibility

The cybersecurity shared responsibility model plays a great role in mitigating the various aspects of the cloud environment. 

For example, in a shared security model with GCP, Google will be responsible for ensuring that their firewalls remain impenetrable, and you, as a google cloud user, will be responsible for ensuring that you have implemented MFA, used a strong password, and don’t access your business environment that’s hosted on  GCP from open public networks. Google is responsible for guarding the cloud service, while you are responsible for guarding your own account in the cloud service.

Moreover, cybersecurity is a responsibility we all share, and each person plays a role in protecting themselves and others. Just one infected computer can spread malware to countless others. To enhance your safety online, you’ve got to follow some basic cybersecurity measures.

Best practices to ensure your online safety

  • Avoid opening suspicious-looking emails or attachments.
  • Create strong passwords and avoid sharing them with anyone.
  • Keep your operating system, browser, and critical software updated by installing updates regularly.
  • Be cautious about sharing personal information online, and use privacy settings to control the information you share.

Additional reading

nist best practices

NIST Cybersecurity Best Practices

The NIST cybersecurity framework holds a reputable name in the world of cybersecurity. It is mandatory for companies within the US federal network but companies from other industries like SaaS and tech can also adopt it should they have clients within the network. Unlike many other frameworks, NIST has a non-typical approach to implementation and…

8 Simple and Easy Ways to PCI Compliance for Small Businesses in 2023

The Payment Card Industry Data Security Standards (PCI DSS) is a compliance framework that requires any organization processing card transactions or accepting payments via POS (Point Of Sale) and non-POS channels to follow specific requirements to ensure data integrity of the cardholder data against hackers and data breaches. The PCI DSS compliance process is both…
hitrust soc 2

HITRUST vs SOC 2 (Which is right for you?)

Information security is becoming a growing concern for cloud-hosted companies and the organizations are under constant pressure to meet the standard regulatory requirements. Understanding the differences between HITRUST vs SOC 2, although both HITRUST and SOC 2 compliance are industry-recognized certifications,  will help cloud-hosted companies demonstrate privacy, security, and quality practices.  TL;DR: The HITRUST certifications…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.