360 Advanced, Inc. - Experts & Thought Leaders

Ontic (Ontic Technologies), the protective intelligence software innovator, which is digitally transforming how companies actively identify, investigate, assess, watch and manage physical security threats, has announced the successful completion of its System and Organizational Controls (SOC) 2 Type 2 examination and HIPAA security compliance assessment. Commitment towards data security Ontic is committed to conducting business in a fair, lawful, and transparent manner, while protecting data privacy and security, and its successful SOC 2 completion supports this commitment. “Completing a SOC 2 examination is an important component of our solutions at Ontic,” said Scott Shepherd, the Chief Legal Officer at Ontic. SOC 2 Type 2 examination and HIPAA assessment The SOC 2 report shows that we have the appropriate controls in place" Scott Shepard adds, “The SOC 2 report shows that we have the appropriate controls in place, to mitigate risks related to security and confidentiality, with our SaaS solutions, and that we are safeguarding our clients’ data, which helps them maintain compliance within their own organisations.” With the completion of the SOC 2 Type 2 examination and HIPAA security compliance assessment, as part of a single streamlined engagement, Ontic has created a cohesive security posture across all its operations, allowing for more informed decisions about how best to protect clients and partner information. Security and privacy compliance These compliance assessment efforts were completed by the professional and independent third-party audit firm, 360 Advanced, Inc. By integrating each of its examinations and assessments into a single, consolidated engagement, Ontic was able to reduce the number of resources that were required for their compliance initiative.

360 Advanced, an established cybersecurity and compliance firm, announces its expansion plans for 2020. In response to an increased demand for independent security assessments, the firm is expanding its capabilities, adding new resources to its team to provide a broader range of services to enterprise clients. Enhanced corporate commitments to security US companies have spent more on cybersecurity every year since 2010. As security efforts (and regulatory requirements) have become more complex, companies have invested more heavily in third-party assessments. To help streamline these efforts, 360 Advanced combines multiple assessments in a single engagement. This integrated approach allows companies to spend fewer resources conducting interviews and submitting evidence. It also provides them with a broader view of their security posture – and a better understanding of how to improve. Authority comments 360 Advanced plans to provide a broader range of services in 2020 “We are committed to helping clients be as proactive as possible,” explained Daniel Collins, Chief Executive Officer at 360 Advanced. “Once we have an understanding of a company’s policies and procedures, we can assess those efforts through multiple frameworks – helping them create reliable data protection programs that meet the needs of their users.” “Over the past few years, more and more clients have chosen to complete concurrent assessments,” noted Eric Ratcliffe, Director of Compliance Strategy at 360 Advanced. “To accommodate this, we’ve grown our team in a highly strategic way. We now have the resources to take on more work as a firm, while allowing our clients to continue working with the assessors with whom they’ve already established relationships.” New resources expand the firm’s capabilities To support these efforts, 360 Advanced plans to provide a broader range of services in 2020. The firm now offers CSA Star Attestations and CCPA assessments, in addition to HIPAA/HITECH assessments, HITRUST assessments, SOC reports, PCI DSS assessments, and penetration testing. They are continuing to partner with local leaders in cybersecurity training to promote continuing education while sharing executive insights at national conferences. With a newly expanded office space in downtown St. Petersburg, FL, the firm plans to hire additional Senior Auditors, Practice Managers, and Technical Services Managers in the upcoming year. “For more than a decade, we’ve grown by more than 30 percent each year,” noted Collins. “We expect to continue this momentum in 2020, taking on larger and more complex engagements while maintaining the commitment to quality that our firm was founded on.” Efforts to culminate in a broader corporate footprint 360 Advanced currently serves clients across 48 states and 5 continents – with plans to significantly expand their corporate footprint in 2020. “Having served some of the nation’s top healthcare organizations, technology vendors, and retail organizations in 2019, we’re looking forward to building on that success as we continue to grow,” explained Collins. “Through experience, our team has developed a deep understanding of enterprise security needs – and we look forward to leveraging these insights in the future.”

360 Advanced, Inc. has announced that it has joined the Cloud Security Alliance (CSA), introducing a new security offering for cloud service providers. As a member of the Cloud Security Alliance, 360 Advanced can now provide CSA - Security, Trust, Assurance and Risk (STAR) Attestations. CSA STAR Attestation provides guidelines for Certified Public Accountants to conduct SOC 2 engagements, using criteria from the American Institute of Certified Public Accountants’ (AICPA) Trust Services Principles (TSP) and the CSA Cloud Controls Matrix (CCM). CSA STAR Attestations Created as a collaborative effort between CSA and AIPCA, STAR Attestation couples traditional SOC 2 reporting with cloud-specific content, to result in a rigorous, independent assessment of a service provider’s system and controls, including a description of the service auditor’s tests of controls. These technology-neutral, third-party assessments report on the day-to-day effectiveness of a company’s controls. Upon completion, cloud service providers are added to the CSA’s free, publicly available registry, allowing prospective clients to verify that a vendor’s security posture meets industry requirements. Enhancing cyber security and data protection We’re pleased to welcome 360 Advanced to the Cloud Security Alliance (CSA)" “We are very excited to add this offering for our cloud provider clients. As cloud applications continue to grow, this will allow us to provide an additional service that will help our clients show a higher level of diligence, when it comes to securing their clients’ data,” explained Eric Ratcliffe, Director of Compliance Strategy for 360 Advanced. “We’re pleased to welcome 360 Advanced to the Cloud Security Alliance (CSA) and look forward to working together with them, to strengthen the cloud security and compliance industries, in the years to come,” said Cloud Security Alliance’s Co-Founder and Chief Executive Officer (CEO), Jim Reavis. According to IDG, 73 percent of organisations reported using at least one cloud application in 2018. An additional 17 percent planned to do so by the end of 2019. Privacy and security, main concerns at the enterprise level This rapid growth has been driven by companies’ desire to reduce the complexity and costs of information technology. Ultimately, however, privacy and security have remained concerns – especially at the enterprise level. While providers of any size can benefit from a CSA Star Attestation, large enterprises face higher expectations of transparency and compliance. Prospective clients often ask for assurance that adequate security and privacy measures are in place. 360 Advanced’s independent validation To help meet these expectations, 360 Advanced can provide independent validation that controls have been established to protect confidential data. Attestations include a final deliverables report that outlines the control testing and control activities. “We look forward to helping our clients stay at the forefront of their ever-changing industry,” said Eric Ratcliffe, adding “As always, that includes collaborative audit and assessment services that go beyond basic, check-the-box assessments.”