The Payment Card Industry Data Security Standard (PCI DSS) is required for any organization that processes, stores, or handles transactional financial data. It was first released in 2004, and offers 12 standards that companies must meet in order to claim PCI compliance. However, just because a company meets the PCI standards once doesn’t mean it’s permanently compliant. So if organizations claim PCI compliance, why is it so hard for them to maintain it? Well, the news is not all bad. …

Two factor authentication is widely recommended as a security practice to give an extra layer of protection to your network and personal accounts, but according to security researchers, if you use SMS texts as your second form of authentication, they could be subject to interception and exploitation. Security researchers demonstrated how easily they were able to manipulate the two-factor set up on a Bitcoin wallet account, simply by intercepting the text message sent over the cellular network. Once they reset …

With all the deals that can be found on Black Friday and Cyber Monday, it’s time to start scoring great deals online. But only half of consumers say they can determine whether the site they’re visiting is safe and legitimate, according to a survey by the Global Cyber Alliance. Here’s 6 ways on how to stay safe during the holiday shopping season. Check the URL of the site you’re visiting. Sophisticated phishing attacks can do a great job of making …

We talked a little about serverless computing, and its basic building blocks known as functions in an earlier post. Functions have their own service, conveniently called Function as a Service (FaaS). What are functions, and how do they relate to serverless computing? FaaS is the concept of serverless computing using serverless architectures. It especially affects software developers, who can leverage this concept to deploy an individual “function”, action, or piece of business logic. These functions are expected to start within milliseconds …

Companies in the US are finally starting to pay attention to the General Data Protection Regulation (GDPR) news that’s been coming out of Europe lately, because compliance will be enforced starting May of 2018. That’s not a lot of time to get ready. What is this new regulation, why did it come about, and what does it mean exactly for companies in the U.S.? History behind GDPR What happened to make the EU stand up and say, “Hey, we need …

Cybersecurity journalist Brian Krebs noted on his website the security and simplicity of adding a vocal password to your authentication process when you call a company such as a bank or investment firm to obtain access about your account. Voice passwords are a great idea. They can be a very effective security measure if a hacker calls your bank to open a fraudulent account in your name or requests a large transfer out of your account. Most banks require only your …

What is serverless computing?

Posted on November 1, 2017 by

What is serverless computing? The idea is growing in popularity, but the term honestly sounds like an oxymoron. How does it work, and why should you consider it for your IT organization? Well, the name is a false promise–there are actually servers involved with serverless computing. They just aren’t managed by the organization. A serverless computing model means your cloud provider takes care of adding, removing, and/or adjusting your server resources based upon demand. You end up with a more …

GDPR vs EU-US Privacy Shield

Posted on October 24, 2017 by

The deadline for enforcing GDPR, or General Data Protection Regulation, is only a few months away, and businesses across the US are asking themselves what they need to do to prepare, if anything. What does the new regulation mean for the EU-US Privacy Shield agreement from last year? How does the newest agreement affect companies in the US? We’ll answer a few questions about GDPR and EU US Privacy Shield. What is GDPR? It’s a new framework for data protection …

A security researcher named Mathy Vanhoef of KU Leuven in Belgium has disclosed a vulnerability in the current WPA2 network. All routers that use a WPA2 (which is almost every single WiFi enabled device today) is vulnerable to a Key Reinstallation Attack (KRACK). Information that was once assumed to be safely encrypted, such as messages, passwords, photos, or credit card numbers, can now be read, and in some cases, manipulated. The problem is unfortunately not with a specific product, but rather …

According to a report published by Transparency Market Research, the market for Data Protection as a Service (DPaaS) is expected to reach $46 billion by 2024. What is DPaaS, and how does it compare to the well-established backup and DR markets? Are they the same? Let’s start with a broader picture. There are three basic levels of data protection: Offsite backup, disaster recovery, and data protection as a service. Offsite backup traditionally means taking drives and storing them somewhere else, such as your …

Get started now. Exceptional service awaits.

Live Chat