5 Big Industry Compliances IT Pros Should Know

When dealing with the security side of IT, a number of compliance standards come up frequently. If you work in the verticals associated with these standards, or with people who do, they are worth knowing. Depending on your industry, meeting them can lead to discounts, and failing to meet them can bring consequences.

5 Big Compliances IT Pros Should Know

1. FIPS 140-2 (Federal Information Processing Standard)

Who does it affect?

Government Vertical

Purpose:

Ensure that the federal government and agencies adhere to the same guidelines regarding security and communication. Products are given an Evaluation Assurance Level (EAL 1 – EAL 7) based on how rigorous the testing was that they passed.


2. Common Criteria

Who does it affect?

Government Vertical

Purpose:

Provides a reliable evaluation of the security capabilities of IT products.


3. CIPA (Children's Internet Protection Act)

Who does it affect?

Education Vertical

Purpose:

To address concerns about children's access to harmful and obscene internet content. Schools and libraries that meet this compliance may be eligible for product discounts through an E-Rate program.


4. TAA (Trade Agreements Act)

Who does it affect?

Government Vertical

Purpose: 

Ensures that the products being purchased are made either in the USA or in a TAA-approved country.


5. HIPAA (Health Insurance Portability and Accountability Act)

Who does it affect?

Healthcare Industry

Purpose:

Sets standards for all physical, network, and process security of any company that deals with protected health information.