Tuesday Sep 26

Archive for the ‘SMB’ Category

An SMB Guide to Credit Card Regulations: Part II- The Low-Hanging Fruit- Networks and Users [Dark Reading]
Last Updated on Wednesday, 3 November 2010 10:04
Written by jj
Wednesday, November 3rd, 2010

The PCI Security Standards Council has created a document outlining a prioritized approach to help businesses comply with PCI DSS. It’s a way to grab the low-hanging fruit, helping businesses tackle some of the more simple tasks that can provide a greater security ROI. I’ve boiled it down here to help small to midsize businesses get started.The official document is about 15 pages of an organized chart, outlining tasks and subtasks as they relate to the PCI DSS requirements and the six primary milestones of the Prioritized Approach document. Those six milestones and goals are:

1: Remove sensitive data and limit data retention
2: Protect the networks
3: Secure payment card software applications
4: Monitor and control access to your systems
5: Protect stored cardholder data
6: Finalize remaining compliance efforts, and ensure controls are in place to meet the rest of the PCI DSS requirements.

Instead of regurgitating the dozen or so pages of itemized tasks, I thought it would be more useful to identify a set of specific tasks for small businesses to address, by category. Each task relates to one or more milestones in the Prioritized Approach and helps achieve one or more of the PCI DSS requirements.


Read the entire article at Dark Reading

# # #

Tags: , ,   |  Posted under SMB, White Papers & Guides  |  Comments  No Comments
An SMB Guide to Credit Card Regulations: Part I- PCI DSS Q&A [Dark Reading]
Last Updated on Thursday, 21 October 2010 01:54
Written by jj
Thursday, October 21st, 2010

This article is the first in a short series designed to help small businesses understand the regulations around securing credit card transactions, specifically the PCI DSS (Payment Card Industry’s Data Security Standard) requirements.

In an effort to provide the most tangible information, I’ve consulted with a Qualified Security Assessor (QSA). Portions of content and resources in this series have been contributed by trusted security colleague, Martin McKeay, QSA and host of the Network Security Podcast.

Let’s jump right in and start looking at some of the most intriguing questions surrounding the PCI DSS requirements, as they apply to smaller businesses.

Read the entire article at Dark Reading

# # #

Tags: , ,   |  Posted under SMB  |  Comments  No Comments
Five Main Causes Of SMB Security Incidents [Dark Reading]
Last Updated on Monday, 27 September 2010 06:16
Written by jj
Monday, September 27th, 2010

This article includes a few insights you might enjoy, based on real incidents at small businesses.

Like you, I have read many articles covering small business security, the authors of which have made up various lists of “top X threats” or “this year’s biggest vulnerabilities,” etc. So I thought it would be interesting to dig into a sampling of the data breach reports and collect some real data on causes of breaches and other security incidents in SMBs.

Here are the five primary causes that were repeated in the vast majority of reports from small businesses (in order of most offenses to fewest)…

Read the entire article at Dark Reading


# # #

Tags: ,   |  Posted under SMB  |  Comments  No Comments
Choosing the Right Firewall for Your Small Business [Dark Reading]
Last Updated on Monday, 23 August 2010 04:39
Written by jj
Monday, August 23rd, 2010

After the last post, Four Must-Have SMB Security Tools, readers had a lot of questions about selecting the right firewall for an SMB. Although I’ve answered each of those emails, those questions are a great segue to this topic: choosing the right firewall for your SMB.

If you’re not sure where to start, there are some key questions you should think about and have ready for discussion with your potential firewall vendor or integrator. Keep in mind, each environment is unique, and a quality integrator might have additional questions for you.”

Find this article on Dark Reading’s SMB Security Tech Center at:

Tags: , ,   |  Posted under SMB  |  Comments  No Comments
Four Must-Have SMB Security Tools [Dark Reading]
Last Updated on Thursday, 29 July 2010 08:57
Written by jj
Thursday, July 29th, 2010

“Regardless of their size, many SMBs still need to meet strict compliance regulations, such as PCI and HIPAA. In addition to any special requirements, there are a few security technologies every small business should have in place. Here are my four SMB security must-haves. …”

Find this article on Dark Reading’s SMB Security Tech Center at:

Tags: , , ,   |  Posted under SMB  |  Comments  2 Comments

More Content

Find more of my content at
- Low Tech Hacking book
- Dark Reading
- Network Computing
- SearchSecurity
- TechTarget

Get Social



Enter your email address:

Delivered by FeedBurner