Due Diligence NOT dENY, dENY, dENY

2 posts published in May 2017

Information Security

May 4, 2017

 

Information Security: Three Main Types of Controls and Examples


Administrative

o Laws
o Regulations
o Policies
o Practices
o Guidelines


Logical

o Virtual
o Application
o Technical Controls: Firewalls, Antivirus software, Encryption


Physical

o Video surveillance
o Keyed/Secured/Bio-security access
o Barricades
o Guards
o Monitoring

 


PCI - DSS

May 5, 2017

PCI – DSS
Payment Card Industry – Data Security Standards


The 12 required security controls* apply to all system components that are included in or connected to the payment card data environment:

Build and Maintain a Secure Network and Systems


Install and maintain a firewall configuration to protect credit card data
Do not use vendor defaults for system passwords and other security parameters

Protect Cardholder Data
Protect stored Credit Card Data
Encrypt transmission of credit card data...
