ControlScan
Blog Post

New blog articles detected.

  • Compliance or Security: What are you trying to accomplish?
    I’ve been an information security assessor (PCI, HIPAA, ISO, etc.) for a long time and it’s always interesting to find out why a company has brought me in to do an assessment. Is the goal to shore up their existing security environment, or just check a compliance box to make one of their clients or vendors happy? The answer to that question will usually determine the assessment’s success. The pos...
  • 2017 Threat Monitoring, Detection and Response Report
    Are Organizations Prepared Against Today's Advanced Cybersecurity Threats? Download your free copy of this timely research report. Information security teams worldwide are increasingly concerned about the rapid growth of cyber threats. To address this concern and provide peer insights, Crowd Research Partners and ControlScan, in partnership with the 370,000+ member Information Security Community ...
  • Don’t Confuse P2PE and Firewall Functionality
    The ability to devalue credit card data has made point-to-point encryption (P2PE) technology a hot topic among franchisors. And what’s not to love? With a PCI P2PE solution in place, your franchise can check off that PCI compliance box as well as rest assured that your payment transactions are safe and secure. But is securing your credit card transactions between the POS and the payment processor ...
  • Upping the Ante on Payment Card Data Security
    Payment card data security isn’t a new concept, yet businesses everywhere still can’t get it right. The payment card industry has a growing body of standards, merchants and technology providers strive to follow them, and consumers continue to demand them. But payment card data breaches still happen. Regularly. Why? It's time we upped the ante on our efforts to help merchants protect themselves. Th...
  • Penetration Tests vs. Vulnerability Scans: What’s the Difference?
    Penetration Tests and Vulnerability Scans: Know the important differences. Penetration testing and vulnerability scanning are both required by the Payment Card Industry Data Security Standard (PCI DSS), but there is often confusion about the differences between the two services. This document offers clarification on how to differentiate between penetration tests and vulnerability scans. Vulnerabil...
  • The ROI of an MSSP
    Looking for managed security services ROI? A key value of any reputable Managed Security Service Provider (MSSP) is its ability to maintain a team of security professionals possessing an array of credentials and experience in the various aspects of protecting your business. The ControlScan Managed Security Services ROI infographic is an example of savings over […]
  • MSP versus MSSP: Like Apples & Oranges
    What's the difference between an MSP and an MSSP? A Managed Service Provider (MSP) ensures your IT systems are operational, but a Managed Security Service Provider (MSSP) offers true security as a service, ensuring your people and systems are safe, secure and compliant. The ControlScan MSP versus MSSP infographic depicts the differences between the two […]
Page Metadata Update

New page title detected.

  • New: The IT security perimeter is changing. As an IT security assessment professional, my job is to look at companies’ data security zones and their network perimeter compliance. I am looking at the normal stuff: Firewalls, servers and hardening standards as required by PCI, HIPAA, ISO 27001, etc.  Without properly implemented and maintained security technologies in place, it’s impossible to protect your perimeter from compromise. But are you truly clear on what that perimeter is? The fact is, the traditional IT security perimeter has been replaced by an ever-changing landscape of mobile devices. IT mobility requires a whole new viewpoint. Mobile devices have expanded the IT security perimeter, making it necessary to redefine how network security is scoped and reviewed. As an example, employees utilize smart phones and tablets that have access to company email; there are apps on these devices that allow access to a secure portal where sensitive company information is stored; and who kn
New page description detected.

  • New: The IT security perimeter is changing. As an IT security assessment professional, my job is to look at companies’ data security zones and their network perimeter compliance. I am looking at the normal stuff: Firewalls, servers and hardening standards as required by PCI, HIPAA, ISO 27001, etc.  Without properly implemented and maintained security technologies in place, it’s impossible to protect your perimeter from compromise. But are you truly clear on what that perimeter is? The fact is, the traditional IT security perimeter has been replaced by an ever-changing landscape of mobile devices. IT mobility requires a whole new viewpoint. Mobile devices have expanded the IT security perimeter, making it necessary to redefine how network security is scoped and reviewed. As an example, employees utilize smart phones and tablets that have access to company email; there are apps on these devices that allow access to a secure portal where sensitive company information is stored; and who kn
  • New: Don’t miss important lessons from the WannaCry ransomware attack. Last week was a rough one in the IT world, as organizations around the globe scrambled to avoid being caught up in the WannaCry ransomware attack. If your organization was spared this round, it doesn’t mean you should pat yourself on the back and move on, business as usual. Fact is, most organizations aren’t at a state of security maturity that affords them this level of comfort. Ensure that you’ve mastered the basics. Sometimes the most fundamental IT security activities are overlooked. The healthcare industry is especially vulnerable to this happening, and we saw that with the WannaCry ransomware attack. But it’s not just healthcare that can learn lessons in these situations, so here is my list of 5 things any IT professional can learn from the WannaCry ransomware attack: Data backups are business critical (ensure they’re conducted frequently and tested to validate that the recovery process works). Traditional an
  • New: FTP: A convenient asset, or an unassuming enemy? Recently, the FBI issued a data security warning to medical and dental organizations using insecure File Transfer Protocol (FTP) servers. The warning states that threat actors are targeting anonymous FTP servers to access protected health information (PHI) and personally identifiable information (PII). FTP servers are essential for sharing files and data, but healthcare providers continue to utilize them in an insecure manner. Just last year, my team saw this in action within a large healthcare organization. They had internal devices using standard protocols like FTP and HTTP to transmit PHI and other sensitive data between departments, as well as externally to outside vendors—and all these communications were unsecured via an anonymous server. What happens when FTP goes wrong? In the case of the healthcare organization mentioned above, the data being transferred was supposed to be encrypted prior to uploading to their anonymous FTP
  • New: Tax Day is April 18th. Historically speaking, tax season is prime for tax-themed scams and social engineering attacks. Specifically, the number of W-2 tax phishing scams has peaked recently. Attackers and social engineers begin by targeting finance and HR departments with spear phishing emails that spoof C-level executives and request employee W-2 forms. Recently, a cybersecurity firm fell victim to a W-2 phishing scam and had to inform its employees that their W-2 tax data had been compromised. Remain vigilant. Fraudsters, cyber crooks and the rest of the Internet bad guys are using a va
  • New: Ransomware is the smash-and-grab of cyber attacks. The popularity of ransomware among cyber thieves continues to grow, not just in America but around the globe. Ransomware victims paid over a billion dollars in 2016 for decryption keys in the hopes that their data would be unlocked. Sometimes it was, sometimes it wasn't. These were businesses of all sizes, but small and mid-sized businesses were hit the hardest. Yes, it is possible to avoid ransomware. At ControlScan, we frequently talk about defense in depth and the layering of security technologies. Here are five things you can do now t
