The Big, Bad World of Compliance
Posted by Eric Wickberg on Mon, Aug 10, 2009 @ 07:35 AM
The big, bad world of compliance isn't actually as bad as one might think. In many cases, the intimidation of unclear regulatory requirements makes many IT people pray for some sort of operational crisis to distract them.
HIPAA, SOX, GLBA, PCI, FDIC, ISO 27000 series, PIPEDA, CoBiT, Red Flag, and various state requirements - just to name a few - the list is long. The bottom line is that every regulatory agency wants to give the appearance that it is doing something to keep people safe from the big, bad Internet. Often, the biggest challenge is figuring out which standards apply to your organization.
The good news is that almost all of these standards have commonality. There are only so many ways you can approach risk mitigation and prevention when it comes to information security. In reviewing these various standards, we at NSG have found that, with few exceptions, all the various requirements can be mapped to the ISO 27000 series (formerly 17799). Over the years, we have developed matrices that allow a more streamlined approach to compliance.
NSG has been at the forefront with the new Massachusetts Data Protection Laws, providing seminars and compliance programs to serve our customers. It is only a matter of time before all the commonwealths and states have their own regulations, and we feel they will all be rather similar.
To summarize, NSG has the tools and expertise to solve all of your compliance concerns.