Channel: SecurityMetrics Blog
Browsing all 384 articles
Browse latest View live


Maintain Safe Harbor: Check Your Compliance Status



IRS TIN Validation - Explained

What is IRS TIN validation? Where did it come from? What does this government mandate mean for you and your business? Phyllis Richards, VP of Merchant Services Product Management for SunTrust Merchant...


Is Your Printer an Informant?

In recent security conferences, network printers have been revealed to be potential doorways into a secure network. How can this be? They just receive print jobs from inside your network and create...


Portfolio Compliance: A Custom Approach

A successful PCI program doesn't come in a can. Every portfolio is unique and has different needs. PCI compliance programs can be as successful as you want them to be. SecurityMetrics provides...


Network Security for Small Businesses

Small businesses are the primary target for data breaches. Most do not have the time, money, knowledge, or patience to secure their business network. In the black hat hacker community, these facts are...


PCI FAQ

Your most common questions about the payment security standard, answered.
By David Ellis, GCIH, QSA, PFI, CISSP
As you may expect, we get a lot of questions about PCI DSS compliance. I thought I’d post...


HIPAA FAQ

Your most common questions about the Healthcare Information Portability and Accountability Act, answered.
By Tod Ferran, CISSP, QSA
As you may expect, we get a lot of basic questions about HIPAA...


PCI Compliance Maintenance - You're Not Done Yet!

Compliance is a day-by-day security process.
By Brandon Barney, CISSP
PCI compliance isn’t an event. It’s an ongoing process! Lots of people believe they can ‘finish’ or ‘complete’ PCI requirements, but...


HIPAA Compliant Passwords

The best (and worst) password strategies for healthcare.
By Tod Ferran, CISSP, QSA
Passwords. It’s strange that such a teeny line of text is sometimes the only thing that stands between a hacker and a...


How Does a Firewall Protect a Business?

Keepin’ the bad guys out of your internal network and away from your data.
By Brandon Barney, CISSP
What is a firewall? What do they look like? Do I have a firewall at my business? These are some of...


Stay Off the HHS Naughty List

HHS Wall of Shame exposes the not so careful…
By Tod Ferran, CISSP, QSA
With an average of 1.5 million unique visitors per month on hhs.gov (complete.com), the Wall of Shame is an extremely public record...


What Are Addressable HIPAA Requirements?

Contrary to popular belief, addressable does NOT mean optional
By Tod Ferran, CISSP, QSA
In each HIPAA Security Rule, implementation specifications are either “addressable” or “required” and describe how...


Top 10 Types of Phishing Emails

Criminals have countless methods to trick email users.
By David Ellis, GCIH, QSA, PFI, CISSP
Phishing is the electronic version of social engineering and has found a huge market in our email-obsessed...


7 Ways to Recognize a Phishing Email

"You can fool some of the people all of the time, and all of the people some of the time, but you cannot fool all of the people all of the time." –Abraham Lincoln
By David Ellis, GCIH, QSA, PFI,...


How to Send HIPAA Compliant Emails

Do you know the rules when it comes to emailing PHI?
By Tod Ferran, CISSP, QSA
Sending snail mail is tedious. That’s why email was invented, right? Unfortunately for healthcare providers, email security...


HIPAA Compliance vs. PCI DSS Compliance

Why do you need to comply with PCI if you’ve already taken care of HIPAA?
By Tod Ferran, CISSP, QSA
Some are required to comply with both HIPAA (Healthcare Information Portability and Accountability Act)...


Vendor-Supplied Defaults Are a Serious Threat

Hackers are merely a Google search away from hacking your network.
By Brandon Barney, CISSP
Devices, like routers, come straight from the vendor with factory settings like default usernames and...


Forensic Files: The Case of the Suspiciously Flawless Investigation

When business security is spotless, look to third parties for errors.
By: David Ellis
The following post is a segment in my Forensic Files series. I’ve found the best way to inspire better security...


Forensic Files: The Case of the Mistaken Malware

Routine log review unearths rootkit, which leads to discovery of memory scraper
By: David Ellis
The following post is a segment in my Forensic Files series. I’ve found the best way to inspire better...


Forensic Files: The Case of the Stockpiled Credit Cards

One unlucky man inherits a lot of problems
By: David Ellis
The following post is a segment in my Forensic Files series. I’ve found the best way to inspire better security practices is to show examples of...
