partners documentation Watch Axonius+
Platform
Platform
By Category
Adapters
I Want To...

Gartner Hype Cycle: CAASM

CAASM is on the rise, says Gartner — but what exactly does this mean? Read the report to find out.

Get the Report
Solutions
Solutions
By Role
By Industry
I Want to...

Start Free Trial

Test drive Axonius for yourself. Sign up for a free, 30-day trial — no strings attached.

Get Started
Use Cases
Use Cases
Cybersecurity
IT and Infrastructure
I Want to....

Start Free Trial

Test drive Axonius for yourself. Sign up for a free, 30-day trial — no strings attached.

Get Started
Resources
Resources
Resources
Blog
I Want to....
Watch Now

Introducing: Axonius+

We wanted to try something new when it comes to our video content. The result? Axonius+. Check it out today.

Watch Now
About
About
About Axonius
Become an Axonian
Partners

Book Your Demo

See Axonius in action and learn what you can accomplish with a comprehensive understanding of all assets.

Sign Up Now
Book a Demo Get Free Trial
    Get Free Trial
    Book a Demo

      Glossary

      [resources, glossary, security-compliance]

      compliance

      Security Compliance

      What is Security Compliance?

      Security compliance is a set of standards or best practices that ensure that customer data is kept secure and vulnerabilities to cyber attacks are at a minimum. Some areas of security compliance are mandatory, such as GDPR or CCPA, and businesses that aren’t compliant with security standards may be subject to regulatory fines or penalties.  

      Many areas of security compliance are around meeting best practices. Sometimes customers require proof that businesses meet certain security compliance standards, such as SOC 2 compliance for third-party SaaS providers.

      What are the Types of Security Compliance?

      Many of the security compliance frameworks depend upon the kind of assets a company has or the industry the company operates within.

      General Security Frameworks that apply broadly across industries include:

      • ISO standards are considered to be “best in class”
      • NIST framework compliance is not mandatory but is considered the best practice
      • GDPR compliance is mandatory in the EU, and subject to penalties
      • CCPA compliance is mandatory in California, and subject to penalties
      • FTC compliance is around fraud prevention and enforces whether companies stick with their stated privacy policies or not

      Financial and Payments Security Compliance:

      • PCI DSS compliance is for payment processors
      • FACTA compliance protects consumer information when credit ratings are pulled or used
      • SOC 2 compliance is for third-party SaaS companies who may use financial data

      Personal privacy and healthcare-related security compliance:

      • HIPAA compliance is around the protection of individual health data
      • HITECH compliance is similar and related to health information specifically related to electronic health records

      Manufacturing and infrastructure related security compliance:

      Related Resources

      Cloud Asset Management - Security Compliance | Axonius
      Preventing Security Risks by Controlling SaaS Sprawl
      Removing the Fog from Cloud Compliance
      Video: Axonius Foundations Course: Cloud Asset Compliance
      Axonius Security Program