The Importance of Compliance

It is imperative that organizations comply with the laws, policies, and regulations of their industry. When selecting a cybersecurity solution, make sure that compliance is at the top of your list.

See how Plurilock meets the requirements of your industry so you can rest assured. View the list of regulations, displayed by industry, below. For more detailed information, request our Compliance Datasheet or contact us with further questions.

All Industries

ISO 27001

ISO 27001 is an international standard that provides requirements for establishing, implementing, maintaining, and continually improving an information security management system.

SANS CSC

The CIS Critical Security Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks.

Government & Military

The National Institute of Standards and Technology (NIST) is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems. BioTracker is NIST 800-53 and NIST 800-171 compliant.

NIST 800-53

This publication recommends security controls for federal information systems and organizations and documents security controls for all federal information systems, except those designed for national security.

NIST 800-171

This publication provides federal agencies with recommended requirements for protecting the confidentiality of Controlled Unclassified Information (CUI).

FIPS Publication 200

The FIPS Publication 200 standard addresses the specification of minimum security requirements for federal information and information systems. FISMA directs the promulgation of federal standards for the security categorization of information and information systems based on the objectives of providing appropriate levels of information security according to a range of risk levels.

Financial Services

NFA Rule Book

The NFA strives to safeguard the integrity of the derivatives markets, protect investors, and ensure members meet their regulatory responsibilities.

FFIEC Info-Sec Booklet

The Federal Financial Institutions Examination Council (FFIEC) is a formal U.S. government interagency body composed of five banking regulators that is “empowered to prescribe uniform principles, standards, and report forms to promote uniformity in the supervision of financial institutions”.

GLBA

The Gramm-Leach-Bliley Act, also known as the Financial Services Modernization Act of 1999, controls the ways financial institutions deal with individuals’ private information.

SOX

The Sarbanes-Oxley Act protects shareholders from accounting errors and fraudulent practices and improves the accuracy of corporate disclosures.

Dodd-Frank

The Dodd-Frank Act places regulation on the financial industry in the hands of government to limit risk and enforce transparency and accountability.

PCI DSS

The Payment Card Industry Data Security Standard applies to companies of any size that accept credit card payments, and requires that data be hosted with a PCI-compliant hosting provider.

Critical Infrastructure

NIST 800-53

NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems.

NERC CIP v5

The NERC CIP (North American Electric Reliability Corporation critical infrastructure protection) plan is a set of requirements designed to secure the assets required for operating North America’s bulk electric system. The NERC CIP plan consists of 9 standards and 45 requirements covering the security of electronic perimeters and the protection of critical cyber assets as well as personnel and training, security management and disaster recovery planning.

23 NYCRR 500

23 NYCRR 500 requires banks, insurance companies, and other financial services institutions regulated by DFS to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry.

Healthcare

HIPAA

HIPAA (Health Insurance Portability and Accountability Act) provides data privacy and security provisions for safeguarding medical information.

HITECH

The HITECH (Health Information Technology for Economic and Clinical Health) Act promotes the adoption of EHR (Electronic Health Records) and private and secure health information exchange.

NIST SP 800-53

This publication recommends security controls for federal information systems and organizations and documents security controls for all federal information systems, except those designed for national security.


PLURILOCK IS THE LEADER IN ADVANCED AUTHENTICATION

Plurilock is the leader in advanced, risk-based authentication. We provide invisible, device-free MFA for corporate endpoints, Citrix sessions, cloud applications, and their users in finance, healthcare, education, and SaaS.


© 2018 Plurilock. All Rights Reserved. | Plurilock Cage Code L02Z7; DUNS 248484623