[4 min read] 5 Key features you need that a traditional GRC provider doesn’t offer When we talk to customers, prospects and even audit partners, they are often overwhelmed with the choices they have for a GRC (Governance, Risk and Compliance) tool or don’t really know what a GRC tool does.  There ...

[4 min read] Hint Health is a technology enabled Direct Primary Care (DPC) solutions company that partners with visionary provider organizations to build successful DPC programs. They developed the HintOS™ platform, an enterprise-grade DPC management platform that powers the largest and ...

[5 min read] There is much confusion around Vendor Risk Management (VRM), what it is and how to handle it properly for all sizes of business. Too often it is mistakenly confused with a Vendor Risk Assessment, a single point in time component of an effective VRM program.  To get on the same page, a ...

[4 min read] If you come from the tech-centric world of Tesla and Apple and enter the world of dental labs where orders are sent by paper, phone or email you are bound to want to make changes.  That’s what happened to Ostendio customer, Ray Alde, CTO of Arklign.  Ray is the co-founder of Arklign ...

[4 min read] The role of information technology has infiltrated the day to day mechanics of all industries, especially healthcare. Information technology and data security are particularly important to healthcare because of the volume of sensitive data healthcare companies store, and the urgency of ...

[4 min read] A recent article in SecureWorld “Lessons from 2020, and what to expect in 2021: An evolutionary time in cyber and privacy” looks back at some of the main cybersecurity events in 2020 but also predicts what 2021 will bring.  With many of us busy planning for the year ahead, what do we ...

[5 min read] The data breach involving FireEye and SolarWinds was shocking. As the leader of a cybersecurity platform company, a significant breach like this highlights how creative the hackers are becoming. If companies like FireEye and SolarWinds can be vulnerable then we all need to step up our ...

[5 min read] 2020 was undoubtedly a shock to the system, shaking up everyone’s personal and business life. At Ostendio we transitioned quickly to a work-from-home environment for all employees. On the plus side, some of us have found that we are significantly more productive working at home. Anyone ...

Are you feeling a little overwhelmed at the thought of a security audit? Have you heard the SOC 2 name mentioned in meetings but don’t understand what’s involved? Many people have questions about security audits so here is our quick overview to answer a few of your SOC 2 questions including ...

The election news cycle is in full swing as we near the big day on November 3rd. Regardless of how you vote, at Ostendio we encourage all employees to get out and vote by offering paid time off work to get to the polls and cast their ballot.  In the news this election year we are hearing a lot ...

Many larger companies, and some medium sized companies, have a focused CISO with a great IT team who have all worked hard to establish a data security and risk management program.  Perhaps the CISO and IT team have spent hours collecting data, building spreadsheets and sharing evidence with ...

Thinking about cybersecurity is a full time, 365 day-a-year job at Ostendio but for many it comes to mind most during October when the National Cybersecurity Alliance partners with companies and government agencies to promote cybersecurity at home and in the workplace.  Ostendio is proud to be a ...

If you’ve recently built a data security and risk management program and passed a security audit, you’ve accomplished more than many organizations.  But cyber criminals don’t rest, even if you have a verifiable cybersecurity plan in place, bad actors are constantly innovating and finding new ways ...

The first step in any process is often the hardest. Realizing that you need to take action is just the beginning, deciding what action to take is another matter. Some companies build their cybersecurity into their organization right from the start, others realize later down the line that they need ...

As a CISO, you’ve spent time deciding on the best platform to suit your data security and risk management needs and you are ready for the implementation. But what happens when you need to train your staff or what happens if you have a question? After the sales team has handed off your account does ...