Is Your Business PCI Compliant?

Payment Card Industry Data Security Standard (PCI DSS) is a common-sense standard based on good IT security policy. The objective is to protect customer credit card information from compromise. With the holiday season upon us, eCommerce and credit card processing activities will ramp up through the end of the year. Trillions of dollars are transacted via credit card every year. So what can you do to ensure your business is PCI compliant?

PCI Compliance Assessment

Determine if your company policies and procedures ensure PCI compliance. In addition to technology considerations, your employees should be trained on how to protect credit card information. If credit cards are taken over the phone, never write down card numbers. If employees are entering credit card information into an order processing system or payment authorization gateway, ensure the data is encrypted when stored. If your business uses a cloud-based service, check to ensure they are PCI compliant too.

PCI Compliance and Network Security

Another consideration for PCI compliance is your network security. In addition to a firewall, you should lock down any unsecured WiFi access. Unauthorized access to your network could leave your business exposed to malware, viruses and man-in-the-middle threats in which credit card information can be accessed without your knowledge.

Network Monitoring for PCI Compliance

PCI compliance is not a one-time effort. To stay compliant you should periodically review your policies and monitor your systems. Periodic network monitoring can detect any unauthorized access, network security violations and any other deficiencies that require immediate remediation. Maintaining PCI compliance for your business helps you avoid costly security...

Is Network Security Your Priority?

Every day there are reports of businesses being targeted with security attacks. The list of large companies being hit is long. Small businesses are equally vulnerable to security hackers and may be less resilient. To say that security is a top business concern seems unnecessary. Most companies understand that security is not something to be taken lightly. In a recent CompTIA survey, 74 percent of business leaders said that security is a higher priority today than it was two years ago. Eighty-five percent of firms surveyed reported that IT security will have an even higher priority two years from now.

Network Security Versus Human Error

Everyone agrees that security is important. Malware and hacking are still the major concerns. Human error has become one of the most recent threats. This is a growing concern that needs attention. To combat human error, significant education and training of employees is needed. Mitigation strategies for all businesses, whether large or small, are of the utmost importance. With new models of security, there are new loopholes to exploit; with greater technology reliance, there is a greater potential for disruption. Add in escalating privacy concerns and critical regulatory concerns, and it is easy to see how security is becoming much broader than firewalls and anti-virus software.

Security Policies and Procedures

It is important for your business to establish clear procedures on notification and escalation of a data leak or data breach. Ensure that your team knows how to escalate a concern within the company. It is more important to raise the issues quickly rather than cover up a security breach. Your business must have clear...

Is Your Business Ready for a Disaster?

Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events—this might include a hurricane, an earthquake, a power outage caused by a fire or a cyber attack by hackers. Your business should have a process in place ranging from overseeing a disaster plan, to providing input and support, to putting the plan into action during an emergency.

Having a Plan Is Important

Given the human tendency to look on the bright side, some business people are prone to ignoring disaster recovery because disaster seems an unlikely event. Business continuity planning is a more comprehensive approach to making sure you can keep making money, not only after a natural disaster but also in the event of smaller disruptions, including the illness or departure of an employee or other challenges that businesses face from time to time. The critical point is that neither element can be ignored, and physical, IT and human resources plans cannot be developed in isolation from each other. At its core, BC/DR is about constant communication.

Don’t Forget to Test Your Plan

Once you have a plan, it is imperative to test your backup and recovery scenarios to make sure you can bring your systems up in a timely manner. For disaster scenarios, consider training employees on protocol in an emergency situation. Understanding the effects that a disaster can have on your company is extremely important. In order to prepare your business for a disaster, it is necessary to analyze the costs and risks associated with downtime of your critical applications and their data. Having a proactive business continuity/data recovery plan will save your...

The Most Recent Data Breaches and Their Consequences

Big data breaches have been making headlines more and more frequently. It was announced last week that the computer systems at the U.S. Office of Personnel Management had been breached. This is the second computer break-in in the past year for the agency. An estimated four million current and former federal employee records may have been compromised. Guidance Software, a cybersecurity firm, used Einstein, an intrusion detection system, to trace the breach back to a machine under the control of Chinese intelligence.

Is Your Network Protected?

The hard truth about data breaches is that no one is safe: an individual, a small business, a Fortune 500 company, and government agencies can all be infiltrated. Costs from data breaches have grown tremendously in recent years. On average, a data breach will cost a large company about $640,000 to cover the cost of business disruption, information loss, and detection. It takes the average company about a month to recover. If you own a small to medium-sized company, it’s doubly wise to be prepared. Small organizations can expect a higher per-capita cost than large organizations. So, what can your organization do to be better prepared for a possible data breach?

Why Invest in Stronger Security Measures

United States senators have added $200 million in funding to their proposed fiscal 2016 budget to fund a detailed study of the cyber vulnerabilities of major weapons systems. Smaller organizations would be wise to follow in these footsteps and make data security a priority going forward. The biggest goal for SMBs when it comes to data security is education over technical improvement. Security education must be...

Protect Your Organization from Ransomware

It’s a moment every business owner dreads. A message appears on your organization’s computer screen alerting you that your files have been encrypted and the only way to access them is by paying a ransom. Security threats to computers and mobile phones have grown more sophisticated around the globe in the past few years. The United States in particular saw an increase in “ransomware.”

What is Ransomware?

Cybersecurity experts report that ransomware is one of the fastest growing forms of hacking, and the scary part is that no one is safe. An individual, a small business, a Fortune 500 company, and government agencies can all be infiltrated. It also attacks smartphones. Ransomware is malicious software that hackers use to extort money from individuals or businesses by preventing them from opening their documents, pictures, and other files unless they pay a ransom, usually in the amount of several hundred dollars.

How Ransomware Works

Similar to other hackers’ schemes, ransomware can arrive in emails or attachments with links that, when clicked, encrypt your files. Attacks can also occur during a visit to a website, as cybercriminals can attach computer code to even the most well-known websites. It could happen during something as harmless as updating an application or downloading an app on your smartphone.

Protect Your Organization

Cybercriminals are starting to target small businesses more and more, because generally speaking, they are more vulnerable. While big companies have backups and separate computers for their different departments, small to medium-sized businesses lack technology teams, sophisticated software, and secure backup systems to protect from ransomware. One of the best investments your...