The most crucial and consumed PCI DSS and business security posts.

Because of its complexity, technicality, and ever-changing nature, there’s never a shortage of questions about data security, PCI DSS compliance, and network security. That’s why we started this blog: to answer the most commonly asked questions about data security, and to offer educational assistance on how to get your business secure and compliant.
The following is a compilation of the most crucial and consumed data security content on the SecurityMetrics blog.
- Learn how not understanding your scope can seriously affect your security.
- Why companies make the mistake of thinking policies are just annoying paperwork.
- Don’t assume log monitoring is just for forensic investigators.
- Learn the subtle hints of phishing emails.
- Understand that just because a link says it will send you to a URL doesn’t mean it will.
- Why domain emails are important when discerning a phishing email.
Since 2011, SecurityMetrics has examined data from thousands of scans conducted on business networks. The scans were searching for unencrypted payment card data using a credit card data discovery tool called PANscan. This post examines the 2014 scan results.
- Understand the most common places credit card data hides.
- Learn how easily payment card data leaks.
- Why EMV won’t stop this trend, even after the October 1, 2015 deadline.
- Learn the penalties for noncompliance after January 1, 2015.
- What Visa actually meant by noncompliance assessments and risk reduction measures.
- What the new enforcement plan actually means for noncompliant merchants.
- Determine which SAQ is appropriate for you.
- See an entire list of PCI SAQs updated to reflect the most recent PCI 3.0 changes.
- Learn why accurately filling out an SAQ is a PCI requirement.
When small to medium merchants call in to SecurityMetrics to get help with their data security, these are the questions we hear and answer most often.
- Learn the difference between compliance and validation.
- Answer the question: who is required to be PCI compliant?
- Understand why PCI DSS is not a federal law.
- How will PCI 3.1 affect you?
- How to tell if you’re using SSL or outdated TLS protocols.
- Advice for complying with this new version of PCI DSS.
- Exactly which systems are affected?
- How does the vulnerability work?
- What you can do to protect against this vulnerability in your Windows systems.
- An ebook explaining the ecommerce merchant’s guide to PCI DSS 3.0.
- Webinars explaining key PCI 3.0 requirements.
- FAQ about PCI DSS 3.0.