PCI
PCI Compliance Updates Coming in April 2024
Chris Riani | CISSP | CASP
Several changes are coming to the Payment Card Industry Data Security Standard (PCI DSS), starting April 1, 2024, when PCI DSS 4.0 becomes the only official PCI standard at the conclusion of the 3.0 transition period. The new changes and requirements introduce stringent cybersecurity compliance requirements for organizations that process credit cards, so we’ve developed a brief overview of what these changes entail and…
Types of Security Penetration Testing: Internal, External, & Whatever Your Organization Needs
Coming from a family that has been proudly serving the greater Boston area with innovative, technology-based solutions since 1989, a big part of my life involves staying up-to-date on everything going on in the IT space. When I’m not fielding calls with potential clients or helping existing ones better accomplish their long-term goals, I’m poring over articles and other resources about the latest tips, tricks, trends and best practices that…
What Has Changed From PCI DSS 3.1 to PCI DSS 3.2?
The Payment Card Industry Security Standards Council (PCI SSC) has published a new version of the industry standard that businesses use to safeguard payment data before, during, and after purchase. PCI Data Security Standard (PCI DSS) version 3.2 replaces previous versions in addressing the growing threats to customer payment information.
Data Security Compliance: Security Awareness Training & Compliance Requirements
Did you know there are over 8,500 different Local, State, and Federal standards & requirements your organization may be required to comply with? This staggering number can come as a surprise to many. That’s why we’ve taken the time to compile a list of the most common standards which may require your organization to implement a security awareness program.
Ecommerce Security Tips: How to Protect Your User’s Sensitive Information
Topic: PCI, eCommerce
eCommerce security is a constantly evolving topic for any organization, regardless of their size. As the CEO & Cofounder of Trellis, a local full-service design firm, we partner with organizations to develop robust WordPress & Magento websites. One of the questions I often face is what a new or smaller business can do to improve their overall eCommerce Security without breaking the bank. Here are a few of…
What is The Difference Between an Information Technology Audit and a Technology Assessment?
The term Information Technology (IT) Assessment is often convoluted because it is so often portrayed as the simple and easy process of scanning an organization’s existing network. However, this could not be further from the truth. It is important to remember that a formal Technology Assessment is not a Technology Audit. The use of terminology is not just about semantics, but rather expectations. An audit is a required procedure conducted…