Tag Archives: PCI-DSS

Keeping Customer Credit Card Data Safe With PCI-DSS

What is PCI-DSS? It stands for Payment Card Industry Data Security Standard. PCI-DSS applies to all businesses that accept credit card information, store credit card information, or hold any information about the cardholder. Yes, even Mom and Pop operations fall under PCI-DSS regulations.

It is good to know that there are 4 different levels that can apply to you. Almost everyone starts off at level 4 if you process less than 20,000 transactions per year. The more transactions your company does, the higher your level will rise. At bare minimum, as a level 4 merchant or company, you must complete a Self-Assessment Questionnaire, and may have to pass a scan of your network by an A.S.V. (Approved Scanning Vendor).

5 security mistakes SMBs make and their simple solutions


Top 5 network security mistakes & their simple solutions

IT resources in small and medium-size businesses are often limited, and time savers are welcome. But some security shortcuts may put your business at risk, costing more than time in the long run. Here are five of the most common security mistakes SMBs make and their simple solutions.

Choosing the right patch management software



For small to medium-size businesses fighting to grow and make a profit, automating everyday IT tasks is vital.

Even in larger organizations, where IT teams are small and have a lot to do, proactive threat management remains a low priority. That’s where automatic vulnerability and patch management comes in. Add deep network analysis and comprehensive risk assessment to the mix and you really have something of great value.

GFI LanGuard® Step by step guide


GFI LanGuard is a leading network security scanner and patch management solution that acts as a virtual security consultant. It gives you a complete picture of your network setup, provides risk analysis and helps you maintain a secure and compliant network with minimal effort. So how does LanGuard work?


Monitoring logons in Windows environments

By Calin Ghibu

The Windows logging system was never designed for ease of use. Depending on the audit settings, the information that is logged is rich and can meet the needs of any forensic investigation, but at the same time is cryptic and insufficiently documented. Events are logged in high volumes and support for managing these records is limited within the operating systems themselves.

This is why simple pain points, such as monitoring access to computers or resources, are difficult tasks for Windows admins but are, at the same time, critical for complying with security best practices, industry standards and legal requirements, and for ensuring the health of the IT infrastructure. This article is not a deep dive into the Windows logging system; however, I will provide information that can help admins build structure and consistency when it comes to monitoring access to Windows computers and resources.

The Problem with Patching Is – Not Patching!


Patching is not something that the IT department really enjoys doing. It is complicated and ongoing. It takes forever and it doesn’t add any actual business value.

Meanwhile you have myriad systems to patch, and endless patches to test and then install. Then you have to do it all over again. And again. And again.

No wonder a recent study by the UK-based Federation of Small Business shows that little more than a third (36%) of small shops patch regularly. Then these shops wonder why they got compromised, or blame their software vendors, especially Microsoft® – a common security punching bag!

Patching, well, patching properly, solves the majority of security problems. In fact 90% of successful exploits are against unpatched systems.

Even environments that should presumably be highly secure too often fail to patch. Last year an audit at the U.S. Department of Energy found that some 60% of their desktops lacked important patches.


Patch management: Fixing vulnerabilities before they are exploited

Introduction

Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis.

While software updates serve many important roles, be it delivering feature improvements or fixing bugs and security vulnerabilities, they bring with them a number of potential challenges for the IT Department: ensuring that systems are up to date, that new problems are not introduced by patches designed to fix things, and that updates do not create compatibility or instability issues. All this needs to be done while ensuring that updates are pushed to PCs as quickly as possible to prevent vulnerabilities being exploited. The constantly evolving software landscape makes patch management an important consideration for all IT decision makers, regardless of organization size.

GFI White Paper: PCI-DSS compliance and GFI Software™ products

The Payment Card Industry Data Security Standard (PCI DSS) is a set of specific security standards developed by the payment brands to help promote the adoption of consistent data security measures that are needed to protect sensitive payment card information.

Download The White Paper: PCI-DSS

Why You Need to Consider Having Layered Security within the Organization

Not everyone understands that network security isn’t just about one specific issue. As a result, many end up not taking the required action to secure their networks. Some businesses believe that investing in an antivirus solution will cover every base. Some wouldn’t even go that far, as they think that a good firewall can prevent anything bad from entering the business network. If only they knew how wrong they are.