Are Data Privacy and GDPR the Same Thing?

As you may already know, one of the biggest changes to EU data protection rules is coming into effect on May 25, 2018. The General Data Protection Regulation (GDPR) is a wide-ranging set of rules you must follow when collecting, processing, and storing an individual’s personal data. Some of its key aims are to strengthen and harmonise data protection legislation …


7 Essential Components of Effective Data Privacy Training

“When it comes to privacy and accountability, people always demand the former for themselves and the latter for everyone else.” ― David Brin

It seems hardly a week goes by without some news of a data breach or cyberattack, but the latest media firestorm involving Facebook has caught the world’s attention and called into doubt companies’ accountability when it comes …


Access Control Requirements & PCI-DSS Training

Access control and account management allow organizations to deny or allow the use of physical or electronic means to reach PAN and cardholder data. Access may only be granted on a verified, need-to-know basis. Standard physical access control measures include hardware, file cabinet and server room door locks. Here are the PCI-DSS’ requirements for access …


Keep Abreast: Mandatory PCI-DSS Policies & Programs

Part of PCI-DSS compliance training involves learning critical policies and programs that identify, minimize and manage risks and security needs. Three of the most common mandatory training topics for employees are vulnerability management, anti-virus software and application maintenance. Vulnerability Management Programs: PCI-DSS regulations generally require vulnerability management programs that define the systematic and …


PCI-DSS Compliance Training – How to Maintain a Secure Network

The goal of the PCI-Data Security Standard (PCI-DSS) is to protect cardholder data when it is stored, processed and transmitted. The security controls required by PCI-DSS help protect credit cardholders’ confidential account data and sensitive authentication data. Most payment card transactions use PIN entry devices and computers that are connected by networks …


Employee Data Access: 2 Scenarios that Compromise Security

Companies are continually challenged with providing appropriate data and system access, not just for new employees but for current ones as well. Of course, hiring managers want their employees to have access in order to get them up and running as quickly as possible. In many cases, managers tend to model their requested …


Data Privacy and Ransomware Attacks

The latest trend in cybercrime is the ransomware attack—hackers introduce a virus into a system which shuts down the target’s computer, then the hackers demand money to release the system. The recent WannaCry ransomware attack took down computers in Europe, America, and Asia, before being foiled by a malware specialist. Despite dire warnings from the …
