Best Practices for Vulnerability Scanning

by Sarah Harvey / June 14, 2023

Vulnerability management should be a priority in any organization’s information security program so that there's an established approach for identifying and rating issues affecting in-scope systems in a given environment. Vulnerability scans are a main component of vulnerability management, allowing you to evaluate your systems, software, and infrastructure for unpatched holes and gaps in need of remediation. Let’s talk through some best practices for vulnerability scanning to help you protect…

ISO 27001 Certification vs. ISO 27001 Audit: What’s the Difference?

by Sarah Harvey / December 5, 2023

Do you want to demonstrate your commitment to security to global business partners? An ISO 27001 report provides organizations with an evolving ISMS that can adapt to new challenges and validates your commitment to security. It can also help you prioritize your information security budget and resources based on risk, because ISO 27001 is customized for your environment and your specific risks. Undergoing an ISO 27001 audit is also a…

Compliance with PCI Requirements 9 and 12

by Sarah Harvey / June 13, 2023

The PCI DSS was developed by payment card brands to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. The PCI DSS consists of nearly 400 individual controls and is a critical part of staying in business for any merchant, service provider, or subservice provider who is involved in handling cardholder data. A PCI audit must be conducted by a QSA. As for the PCI…

What are the 4 Levels of PCI Compliance?

by Sarah Harvey / June 13, 2023

Does your business collect, use, store, process, or transmit payment cardholder information? If so, it’s likely that you’ve heard of the Payment Card Industry Data Security Standard, or PCI DSS. If you haven’t, the PCI DSS is a standard created by major credit card companies, such as Visa, Mastercard, Discovery, American Express, and JCB to establish specific requirements that merchants and service providers must adhere to in order to protect…

Staying Secure While Working from Home

by Sarah Harvey / June 15, 2023

When your employees begin working from a remote workplace, there’s a number of new security threats they can face. While you may already have thorough information security policies and procedures implemented in the workplace, these detailed security controls don’t always transfer to remote work. To mitigate vulnerabilities and protect your remote employees from malicious attacks, make sure you’re following these five tips for remote employees and remote workplaces. 5 Work…