Anti-Virus Best Practices: 5 Tools to Protect You

by Sarah Harvey / June 14, 2023

Anti-virus versus anti-malware - what’s the difference? These two categories of protective tools are often misunderstood, and the misunderstanding stems from confusion between viruses and malware. A virus is code that can damage your computer, system, and data by copying itself. Malware is used as a catch-all term for malicious software such as spyware, ransomware, trojans, adware, worms, and viruses. Malware is ever-evolving, whereas viruses have been around for a long…

Best Practices for Vulnerability Scanning

by Sarah Harvey / June 14, 2023

Vulnerability management should be a priority in any organization’s information security program so that there's an established approach for identifying and rating issues affecting in-scope systems in a given environment. Vulnerability scans are a main component of vulnerability management, allowing you to evaluate your systems, software, and infrastructure for unpatched holes and gaps in need of remediation. Let’s talk through some best practices for vulnerability scanning to help you protect…

ISO 27001 Certification vs. ISO 27001 Audit: What’s the Difference?

by Sarah Harvey / December 5, 2023

Do you want to demonstrate your commitment to security to global business partners? An ISO 27001 report provides organizations with an evolving ISMS that can adapt to new challenges and validates your commitment to security. It can also help you prioritize your information security budget and resources based on risk, because ISO 27001 is customized for your environment and your specific risks. Undergoing an ISO 27001 audit is also a…

Compliance with PCI Requirements 9 and 12

by Sarah Harvey / June 13, 2023

The PCI DSS was developed by payment card brands to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. The PCI DSS consists of nearly 400 individual controls and is a critical part of staying in business for any merchant, service provider, or subservice provider who is involved in handling cardholder data. A PCI audit must be conducted by a QSA. As for the PCI…

What are the 4 Levels of PCI Compliance?

by Sarah Harvey / June 13, 2023

Does your business collect, use, store, process, or transmit payment cardholder information? If so, it’s likely that you’ve heard of the Payment Card Industry Data Security Standard, or PCI DSS. If you haven’t, the PCI DSS is a standard created by major credit card companies, such as Visa, Mastercard, Discover, American Express, and JCB, to establish specific requirements that merchants and service providers must adhere to in order to protect…