Saturday Oct 21

Archive for the ‘White Papers & Guides’ Category

An SMB Guide to Credit Card Regulations: Part II- The Low-Hanging Fruit- Networks and Users [Dark Reading]
Last Updated on Wednesday, 3 November 2010 10:04
Written by jj
Wednesday, November 3rd, 2010

The PCI Security Standards Council has created a document outlining a prioritized approach to help businesses comply with PCI DSS. It’s a way to grab the low-hanging fruit, helping businesses tackle some of the simpler tasks that can provide a greater security ROI. I’ve boiled it down here to help small to midsize businesses get started.

The official document is about 15 pages of an organized chart, outlining tasks and subtasks as they relate to the PCI DSS requirements and the six primary milestones of the Prioritized Approach document. Those six milestones and goals are:

1: Remove sensitive data and limit data retention
2: Protect the networks
3: Secure payment card software applications
4: Monitor and control access to your systems
5: Protect stored cardholder data
6: Finalize remaining compliance efforts, and ensure controls are in place to meet the rest of the PCI DSS requirements.

Instead of regurgitating the dozen or so pages of itemized tasks, I thought it would be more useful to identify a set of specific tasks for small businesses to address, by category. Each task relates to one or more milestones in the Prioritized Approach and helps achieve one or more of the PCI DSS requirements.


Read the entire article at Dark Reading

# # #

Universal NAC Feature Model document
Last Updated on Saturday, 28 January 2012 06:37
Written by jj
Monday, March 8th, 2010

Universal NAC Feature Model document: 
A guide to model and compare NAC solutions (more…)

NAC document finally released: Catching the Unicorn
Last Updated on Saturday, 28 January 2012 06:42
Written by jj
Friday, September 18th, 2009


Many of you know I’ve been working on this document for the better part of a year now. The concepts and ideas came together quickly during a flight from the West coast, but transforming all the thoughts to a cohesive document for a broader audience has taken a lot of time and help.

Don’t be put off by the name. Believe it or not, the title has an actual meaning. I hope you’ll read the first pages of the document to understand where the title came from and why it’s relevant. (more…)

Catching the Unicorn: A technical exploration of why NAC is failing
Last Updated on Saturday, 28 January 2012 06:42
Written by jj
Friday, September 18th, 2009

Catching the Unicorn:
A technical exploration of why NAC is failing (more…)

Content Filtering in Schools: Best Practices for K-12
Last Updated on Tuesday, 12 August 2008 03:14
Written by JJ
Sunday, December 2nd, 2007

Introduction from one of my white papers ‘Content Filtering in Schools: Best Practices for K-12’. Some of my customers call it the infamous ‘Booby Paper’. Find out why! You can read the full White Paper online at

“I don’t care if they see boobies!” Yes, it was just as silly the first time I accidentally blurted that out, but it got the point across. That comment embodies the purpose of this document: to bring attention to the full spectrum of risks and considerations of Internet usage in schools. …  I’ve come to realize that there is a large communication gap between the educators who have to deal with these issues in the classroom and the technologists who have to enforce policies behind the scenes. Relevant information for parents is also included, so they may be aware of these issues and can remain proactively involved in their children’s ‘virtual’ life.

# # #

More Content

Find more of my content at
- Low Tech Hacking book
- Dark Reading
- Network Computing
- SearchSecurity
- TechTarget
