Blog

PCI Requirement 2.1 – Always Change Vendor-Supplied Defaults

by Randy Bartels / December 22, 2022

Why should you change vendor-supplied defaults? Vendor-supplied accounts and passwords pose a serious threat to your organization's security. Although defaults might make installation or even support easier, PCI Requirement 2.1 instructs service organizations to change vendor-supplied defaults because it is pretty simple for hackers to find the vendor-supplied information needed to attack and exploit your system. PCI Requirement 2.1 states, “Always change vendor-supplied defaults and remove or disable unnecessary default…

Introduction to PCI Requirement 2

by Randy Bartels / April 12, 2023

What is PCI Requirement 2? PCI Requirement 2 mandates, “Do not use vendor-supplied defaults for system passwords and other security parameters.” Were you aware that vendor-supplied default passwords and settings are well-known among the hacker community? PCI Requirement 2 was created to fight the malicious individuals who try to compromise systems with the vendor-supplied default information. PCI Requirement 2 focuses on hardening your organization’s systems and assets. We’re here to…

Defining HITRUST CSF Compliance

by Sarah Harvey / February 20, 2023

Why Do You Need a HITRUST CSF Certification? Have you just received “the letter” from a top client indicating you must become HITRUST CSF Certified within “X” months? Did your boss just you for a project timeline on how long it would take to become HITRUST CSF Certified? Do you need to know how to become HITRUST CSF Certified in order to stay competitive in the healthcare market? Are you…

Incident Response Planning: 6 Steps to Prepare your Organization

by Sarah Harvey / February 20, 2023

In this webinar hosted by LockPath, Jeff Wilder discusses the importance of incident response and the steps your organization can take to create an Incident Response Plan. Wondering what incident response is? Incident response is a predetermined approach for identifying and addressing a security incident, which dictates the procedures following detection to minimize the impact. Incident response planning is vital to your organization. Incidents not handled properly have the potential…

Disaster Recovery Plan Steps, Checklist & Processes

by Sarah Harvey / December 19, 2022

When Disaster Strikes, Will You be Prepared? To ensure that operations remain up and running during hurricane, tornado, or rainy seasons, businesses must have a Disaster Recovery Plan that has been developed, tested, and is in place and known to all relevant parties. Hurricanes like Matthew and Sandy have devastated businesses over the last couple of years, and without a well-developed Disaster Recovery Plan, many businesses were left inoperable, damaging…

PCI Requirement 2.1 – Always Change Vendor-Supplied Defaults

Introduction to PCI Requirement 2

Defining HITRUST CSF Compliance

Incident Response Planning: 6 Steps to Prepare your Organization

Disaster Recovery Plan Steps, Checklist & Processes

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.