Do you have regulations you must comply with, or are you considering getting certified for one of the security standards?
Laws and Regulations Compliance
PHIPA, PIPEDA and PIPA are federal and provincial laws protecting privacy (PHIPA refers to health records).
HIPAA is a US law that safeguards health information.
GDPR is a European regulation protecting personal data that some organizations outside Europe must comply with.
Nova can guide you to reach compliance.
Security Standards Compliance
PCI, ISO 27001, SOC 2 and NIST are well-recognized standards that assure the certified organization uses cybersecurity best practices to protect data confidentiality, integrity and availability.
Nova itself is ISO 27001 certified.
PCI offers several options for becoming compliant, assuring that credit card data is protected.
The other standards require a third-party auditor to validate that the controls in the standard are being followed. Nova offers a cost-effective “pre-audit audit” to check whether you are ready.
More importantly, using one of these standards as a template for your own security management assures that it is comprehensive and that you are not missing anything.