ControlScan
ControlScan
Blog Post
  • What happens when a small business experiences a credit card data breach?  Watch this ControlScan video to hear Carla describe the POS security mistake that led her restaurant to lose more than $100,000 to a small business data breach. Small business owners will find Carla's experience and advice invaluable in helping them avoid what she […] The post The Anatomy of a Small Business Data Breach app...

Blog Post
  • Security threat management is an increasingly complex puzzle. According to the 2017 Threat Monitoring, Detection and Response Report, 62% of IT security professionals say their biggest cybersecurity challenge is detecting advanced threats.  Security threat management is an increasingly complex puzzle of people, processes and technology. How can your team overcome this challenge and stop cyber […] ...

Blog Post
  • These days many organizations do not feel confident about their ability to prevent a data breach, mainly because they feel they can’t trust the humans working for them. And for good reason! Cyber criminals continue to exploit the human element, which was blamed for over 400 reported data breaches and 7.6 million+ compromised records in 2016. Regardless of whether the employee is knowingly part of a m...

Blog Post
  • I’ve been an information security assessor (PCI, HIPAA, ISO, etc.) for a long time and it’s always interesting to find out why a company has brought me in to do an assessment. Is the goal to shore up their existing security environment, or just check a compliance box to make one of their clients or vendors happy? The answer to that question will usually determine the assessment’s success. The pos...

Blog Post
  •  Are Organizations Prepared Against Today's Advanced Cybersecurity Threats? Download your free copy of this timely research report. Information security teams worldwide are increasingly concerned about the rapid growth of cyber threats. To address this concern and provide peer insights, Crowd Research Partners and ControlScan, in partnership with the 370,000+ member Information Security Community ...

Blog Post
  • The ability to devalue credit card data has made point-to-point encryption (P2PE) technology a hot topic among franchisors. And what’s not to love? With a PCI P2PE solution in place, your franchise can check off that PCI compliance box as well as rest assured that your payment transactions are safe and secure. But is securing your credit card transactions between the POS and the payment processor ...

Blog Post
  • Payment card data security isn’t a new concept, yet businesses everywhere still can’t get it right. The payment card industry has a growing body of standards, merchants and technology providers strive to follow them, and consumers continue to demand them. But payment card data breaches still happen. Regularly. Why? It's time we upped the ante on our efforts to help merchants protect themselves. Th...

Blog Post
  • Penetration Tests and Vulnerability Scans: Know the important differences. Penetration testing and vulnerability scanning are both required by the Payment Card Industry Data Security Standard (PCI DSS), but there is often confusion about the differences between the two services. This document offers clarification on how to differentiate between penetration tests and vulnerability scans. Vulnerabil...

Blog Post
  • Looking for managed security services ROI? A key value of any reputable Managed Security Service Provider (MSSP) is its ability to maintain a team of security professionals possessing an array of credentials and experience in the various aspects of protecting your business. The ControlScan Managed Security Services ROI infographic is an example of savings over […] The post The ROI of an MSSP appea...

Blog Post
  • What's the difference between an MSP and an MSSP? A Managed Service Provider (MSP) ensures your IT systems are operational, but a Managed Security Service Provider (MSSP) offers true security as a service, ensuring your people and systems are safe, secure and compliant. The ControlScan MSP versus MSSP infographic depicts the differences between the two […] The post MSP versus MSSP: Like Apples & O...

Blog Post
  • Tiny Effort, Enormous Results: How to Successfully Partner with an IT Managed Security Service Provider Today, many small and mid-sized businesses are operating with lean IT staffing and insufficient cybersecurity expertise. To fully protect their businesses from cybercrime, IT leaders are now looking to the Managed Security Service Provider to save the day. But reaping […] The post Tiny Effort, E...

Page Metadata Update

New page title detected.

  • New: The IT security perimeter is changing. As an IT security assessment professional, my job is to look at companies’ data security zones and their network perimeter compliance. I am looking at the normal stuff: Firewalls, servers and hardening standards as required by PCI, HIPAA, ISO 27001, etc.  Without properly implemented and maintained security technologies in place, it’s impossible to protect your perimeter from compromise. But are you truly clear on what that perimeter is? The fact is, the traditional IT security perimeter has been replaced by an ever-changing landscape of mobile devices. IT mobility requires a whole new viewpoint. Mobile devices have expanded the IT security perimeter, making it necessary to redefine how network security is scoped and reviewed. As an example, employees utilize smart phones and tablets that have access to company email; there are apps on these devices that allow access to a secure portal where sensitive company information is stored; and who kn
Page Metadata Update

New page description detected.

  • New: Don’t miss important lessons from the WannaCry ransomware attack. Last week was a rough one in the IT world, as organizations around the globe scrambled to avoid being caught up in the WannaCry ransomware attack. If your organization was spared this round, it doesn’t mean you should pat yourself on the back and move on, business as usual. Fact is, most organizations aren’t at a state of security maturity that affords them this level of comfort. Ensure that you’ve mastered the basics. Sometimes the most fundamental IT security activities are overlooked. The healthcare industry is especially vulnerable to this happening, and we saw that with the WannaCry ransomware attack. But it’s not just healthcare that can learn lessons in these situations, so here is my list of 5 things any IT professional can learn from the WannaCry ransomware attack: Data backups are business critical (ensure they’re conducted frequently and tested to validate that the recovery process works). Traditional an
Page Metadata Update

New page description detected.

  • New: FTP: A convenient asset, or an unassuming enemy? Recently, the FBI issued a data security warning to medical and dental organizations using insecure File Transfer Protocol (FTP) servers. The warning states that threat actors are targeting anonymous FTP servers to access protected health information (PHI) and personally identifiable information (PII). FTP servers are essential for sharing files and data, but healthcare providers continue to utilize them in an insecure manner. Just last year, my team saw this in action within a large healthcare organization. They had internal devices using standard protocols like FTP and HTTP to transmit PHI and other sensitive data between departments, as well as externally to outside vendors—and all these communications were unsecured via an anonymous server. What happens when FTP goes wrong? In the case of the healthcare organization mentioned above, the data being transferred was supposed to be encrypted prior to uploading to their anonymous FTP