Security

The (Security) Business Case for Moving to the Cloud

Lower capital expenses, access to the newest technology, and operational efficiency are among some of the most documented benefits of moving to the Cloud. The conversation gets a bit complicated when somebody invariably asks: Is the Cloud secure? Can you trust a platform with limited security controls, new security paradigms, and unfamiliar management techniques?

Read More
By James Adamson on Jun 15, 2016 9:00:00 AM
Security

Preventing PIN PAIN: One Thing You Can do Right Now to Thwart Credit Card Skimmers

Maybe you’ve seen the latest security scare video that’s making its way across the Internet. A group of men are shown installing a credit card skimmer over the entire PIN pad in under three seconds. This latest attack example reinforces the importance of new requirements that were introduced in PCI 3.0 requiring organizations to inventory and conduct periodic physical inspections of PIN pads. So, what can you do to identify these issues quickly?

Read More
By James Adamson on Mar 22, 2016 3:19:11 PM
Security

Time to Stop POScrastinating

The best practices introduced in the PCI DSS v3 (6.5.10, 8.5.1, 9.9, 11.3, and 12.9) become mandatory requirements on July 1, 2015. One of the most formidable new requirements, especially for retailers with a large number of point of sale systems accepting card present transactions, will be Requirement 9.9. There are three basic goals of Requirement 9.9: maintain a list of devices, periodically inspect devices to look for tampering or substitution, and train personnel to be aware of suspicious behavior and to report tampering or substitution of POS devices. Let’s take a quick look at what merchants will need to do and what the QSA will be reviewing.

Read More
By James Adamson on Jul 2, 2015 4:32:50 PM
Security

Remember to Review Risk

The great thing about working with a passionate team of professionals is the inclination to share information, techniques, and tools – a cycle of constant improvement. I was recently in the middle of one of those discussions when it turned towards a particular application designed to capture notes. It wasn't the first time I’d heard the praises about this particular application. I also remembered that it had finally been released on my platform of choice, Mac OS X. I popped open the App Store and had it downloaded before the conversation even concluded, excited to explore the potential of the tool. Upon launch, I was immediately required to create an account so the notes could be stored in the cloud.

Read More
By James Adamson on Jul 14, 2014 3:00:17 AM