Channel: SecurityMetrics Blog
Browsing all 384 articles

A Quick Look at SAQ P2PE: Reducing Your PCI Workload

Learn more about this SAQ and who qualifies for it. By: George Mateaki, Security Analyst, QSA, CISSP. The P2PE SAQ is for merchants that use a P2PE solution for their payment transactions. By doing so,...


A Look at the PCI SSC’s E-commerce Guidance: What to Know about PCI 3.2

Learn what PCI 3.2 expects from e-commerce merchants. By: George Mateaki, Security Analyst, CISSP, QSA. Many e-commerce merchants face similar issues when it comes to securing cardholder data. The PCI SSC...


Keep Employees on a Need-to-Know Basis: A Look at PCI Requirement 7

See why you should restrict employee access to sensitive data. By: Matt Glade, Security Analyst, CISSP, QSA. Need-to-know is defined as the least amount of data required for an employee to be able to...


How Much Does PCI Compliance Cost?

Learn elements of reaching PCI compliance and realistic PCI security budgets. By: Gary Glover, VP of Assessments, QSA, CISSP. Note: This post was originally published on August 19, 2015 and has been updated....


Petya Ransomware Outbreak: What to Know

Understand more about this new ransomware and what you should do. By: Steve Snelgrove, Security Analyst, CISSP. A new ransomware is taking the world by storm. This ransomware is a new variant of the Petya...


Complying with the GDPR: What You Should Know

Here are some answered questions about GDPR compliance. By: Ian Eyles, Director of European Business. The General Data Protection Regulation (GDPR) will come into effect next year, replacing the Data...


SAQ C: Securing Your Payment Application

See what’s required for this SAQ. By: Jen Stone, Security Analyst, CISSP, QSA. Self-Assessment Questionnaire (SAQ) C addresses requirements for merchants whose payment application systems are connected to...


PCI Requirement 8: Combatting Weak Passwords and Usernames

What do you need to do to be compliant with Requirement 8? By: Jen Stone, CISSP, QSA. When was the last time you changed your password on your computer? A few months? A few years? You’re not alone. For many...


The Beginner’s Guide to Combat Phishing

Learn how phishers target employees and how to spot a scam. By: George Mateaki, Security Analyst, CISSP, QSA. Social engineering isn’t always done in person; sometimes all it takes is for a single...


SAQ D: The Basics of Protecting Card Data for Merchants

Learn what merchants must do to fill out SAQ D. By: Michael Simpson, Principal Security Analyst, QSA, CISSP. Payment Card Industry (PCI) Self-Assessment Questionnaire (SAQ) D is the longest SAQ mostly because...


SSL to TLS v1.2: Tips for Migration

Make sure you update your encryption to the latest software by next year. By: Michael Simpson, Security Analyst, QSA, CISSP, CCNP. Are you still using SSL encryption or TLS v1.0? If so, you’re putting your...


PCI DSS Requirement 9: Upping Your Physical Security

Is your physical data security strong enough? Jen Stone, Security Analyst, MCSIS, CISSP, QSA. Did you know that most theft of equipment containing sensitive data occurs in the middle of the day? That’s...


SAQ D: What’s Required for Service Providers

Learn About PCI Compliance for Service Providers. By: Michael Simpson, Security Analyst, QSA, CISSP, CCNP. If you are a service provider who stores credit card data, PCI SAQ D likely applies to you. Service...


How Much Does a Pentest Cost?

Ethical hacking is a great way to discover where your business security fails. Note: This post was originally published on April 15, 2015 and has been updated. By: Gary Glover, VP Security Assessments, CISSP,...


PCI Requirement 10: Logging and Log Monitoring

Learn the ins and outs of log monitoring at your business. By: George Mateaki, Security Analyst, CISSP, QSA. How much do you know about logs? Do you have someone track them? Log monitoring is actually...


HIPAA Business Associate Agreements 101

HIPAA requires Business Associate Agreements. Learn the who, what, why and how of these important contracts. By: Ryan Marshall, HIPAA Fulfillment Manager, CISSP, HCISPP. When it comes to patient data...


How Does Network Segmentation Affect PCI Scope?

Isolating your network can increase your security. By: Gary Glover. Note: This post was originally published on March 11, 2015 and has been updated. What is Network Segmentation? Network segmentation is...


PCI DSS Compliance FAQ

Your most common questions about the payment card industry data security standard, answered. Note: This post was updated September 26, 2017. By: George Mateaki, Security Analyst, CISSP, CISA, QSA, P-QSA. As...


Are You Ready for PCI DSS 3.2?

By February 1, 2018, all PCI security assessments will need to use version 3.2 of the PCI DSS. From PCI DSS 3.1 to 3.2: The Payment Card Industry Security Standards Council (PCI SSC) announced PCI Data...


HIPAA FAQ

Your most common questions about the Healthcare Information Portability and Accountability Act, answered. This post was updated on October 6, 2017. By: Jen Stone, MCSIS, CISSP, QSA. As you may expect, we get...
