News and Information RSS Feed News and Information: security
Understanding Enterprise RFP Requirements: Reliability, Uptime, and Performance SLAs
The central document that outlines the reliability, uptime, and performance of the technology services is the Service Level Agreement (SLA) which lays out the service level provided as well as how the services are measured and what the remedies are should the service levels not be met.
Understanding Enterprise RFP Requirements: Security – Access Control and Authentication
Beyond basic username and password credentials, the RFP is likely to ask for one or more of several other authentication arrangements or methods, including methods that allow nuanced access and considerations that tie spend management or purchasing permissions to user authentication.
Understanding Enterprise RFP Requirements: Security – Sensitive Data and Consumer Privacy
This installment of our RFPs & Rising Technology Demands series examines sensitive data and consumer privacy, including PII, cardholder data and consumer privacy laws that are often cited in RFPs seeking digital commerce.
Understanding Enterprise RFP Requirements: Security
This installment in our RFPs and Rising Technology Demands series provides an overview of security requirements, terms, policies, procedures, standards, frameworks, and more often found in RFPs.
HTTPS or Bust: Google Continues Squeezing Out the Unencrypted Web
Understanding the California Consumer Privacy Act (CCPA), aka ‘GDPR-Lite’
Once it takes effect on Jan. 1, 2020, the CCPA will become the strictest consumer privacy protection law in the United States.
The Case for Complying With GDPR
It’s the rising demand for consumer protections that needs your attention, if not necessarily the GDPR itself.
Latest Google Chrome Browser Makes HTTPS the Expectation
A PCI Security Deadline Could Halt Your Payment Card Processing or Draw Fines
June 30 was the deadline set by the Payment Card Industry (PCI) Data Security Standards (DSS) Council to retire Transport Layer Security (TLS) 1.0 encryption.
Payment Card Tokenization: Reducing Risk and Responsibility of PCI Compliance
With Tokenization, even if a credit card thief wanted to get into your system, and did get into your system, there would be nothing to take but the worthless tokens.
FAQ: PCI Mandate to Retire TLS 1.0, SSL
The Payment Card Industry (PCI) Security Standards Council is strengthening its encryption standards to discontinue use of Transport Layer Security (TLS) 1.0 and Secure Socket Layers (SSL) in secure credit card transactions.
Essent and its Products and Services Unaffected by WannaCry Ransomeware
A critical and widespread ransomware attack known as Wanna Cry is affecting Microsoft Windows operating systems.
October is Cyber Security Awareness Month
October is National Cyber Security Awareness Month as designated by the U.S. Department of Homeland Security. But, as a practical matter, every month should be Cyber Security Awareness Month.