Blog

Featured
Further Clarification on SAQ A Updates: Requirements 6.4.3 and 11.6.1
2025 Forensic Predictions
Read now
trending_flat
What are the 12 Requirements of PCI DSS Compliance?
Read now
trending_flat
What is HITRUST Compliance?
Read now
trending_flat
Are HTTP Websites Insecure?

There are two website prefixes: One shows the site you are on is secure (HTTPS), and the other does not (HTTP).

Stop Looking for a Mobile Phone Security Standard

If businesses are determined to provide mobile solutions, it is their responsibility to educate themselves, ensure the security of the solution, and know the risk they’re taking upon themselves.

The Dos and Don'ts of Storing Credit Card Information

An example of insecure credit card number storage comes from one of our PCI assessors, where a company explained how they processed their credit cards.

Front Desk Security: Eliminate Internet Browsing on Check-In Machines

Can customer service and front desk security co-exist?

Auditing Archives: The Case of the Evil JavaScript

Internet browsing on point-of-sale (POS) or property management machines that have the capability to take credit cards is a one-way ticket to data compromise.

How to Configure a Firewall in 5 Steps

The following guidance will help you understand the major steps involved in firewall configuration.

Understanding the HIPAA Application of Firewalls

Like a security guard, firewalls control what goes in and what comes out.

What Is Social Engineering? Social Engineering Examples

Protect sensitive data from social engineering attacks.

2014 Infographic - 63% of businesses don't encrypt credit cards

This is our third study on stored, unencrypted card data. When compared to last year, the storage has actually decreased.

Auditing Archives: The Case of the Overly Helpful Front Desk Clerk

Front desk clerks are friendly…sometimes to a fault, but friendly doesn’t necessarily equal secure.

Fire, Shred, Pulp: How to Properly Destroy Sensitive Documents

The HHS says shredding, burning, pulping, and pulverizing are the only way these records should be destroyed.

HIPAA Alphabet Soup: Unjumbling the Jargon

HIPAA includes many such acronyms, mostly security-related.

PCI 3.0: What You Need to Know

This blog covers the important changes from PCI DSS version 2.0 and 3.0.

10 Tips for Keeping Security in the Budget

Security doesn’t have to be expensive to be effective. Here are 10 tips for effective, reasonable security.

Is Working From Home HIPAA Compliant?

Attackers target organizations that utilize remote access applications.

Warbiking: Hacking with Your Helmet On

Hackers bike around the city with their laptops in a discreet backpack (or strapped in a bike trailer) and search for unprotected wireless networks.

HIPAA Social Media Compliance

Employees who irresponsibly use social media can potentially invite some serious HIPAA violations.

Is Your Credit Card Data Leaking?

Learn how you can reduce your liability by learning about the hazards of ‘unintended’ credit card storage.

Hacking Trends 2014: Hackers Actually Clean Up After Themselves

Hackers are getting smarter than our automated detection tools.

PCI – You Don't Have to be Perfect

These service guarantees exist to address the financial hardships your business might endure in the aftermath of a compromise.

Why Encryption is (Sometimes) Not Enough

There’s only one way to avoid leaving ten-second holes in security. Encrypt card data at the exact millisecond of collection.

Forensic Files: The Case of the Stockpiled Credit Cards

Hopefully, you'll realize some actions you should take to ensure your own business’ security.

Forensic Files: The Case of the Mistaken Malware

The best way to inspire better security practices is to show examples of true security blunders.

Forensic Files: The Case of the Suspiciously Flawless Investigation

What happens when forensic investigators can’t find evidence of a compromise?

Stay up to date
Subscribe to our blog.
Subscribe Now
Data Security
Vulnerability ScanningPenetration TestingSecurity TrainingPANscan®SecurityMetrics VisionSecurityMetrics MobileCIS Controls AssessmentConsultingResellerForensic/Incident ResponseData and Network SecurityData Security AcademyWebpage Integrity Monitoring (WIM)Shopping Cart InspectShopping Cart Monitor (PCI 6.4.3 & 11.6.1)SecurityMetrics Pulse
Compliance
GDPR CompliancePCI CompliancePCI DSS AuditPCI Level 4 ProgramPA-DSS/SSF AuditP2PE AuditPIN Security AssessmentPCI PoliciesPCI TrainingHIPAA ComplianceHIPAA PoliciesHIPAA TrainingHealth Network ProgramHITRUST
Company Info
About UsBlogGlossaryMedia RelationsCareersTerms of UsePrivacyAbuseDo Not Sell My Information
Contact
Contact UsReport a Vulnerability
SecurityMetrics podcast logoLinkedIn logoFacebook logo
© 2025 SecurityMetrics, Inc. All rights reserved.
Privacy PolicyTerms and Conditions
Your IP Address is:
YouTube logoSecurityMetrics podcast logoLinkedIn logoFacebook logo
Subscribe to our blog
Subscribe Now
© 2025 SecurityMetrics, Inc. All rights reserved.
Privacy Policy
|
Terms and Conditions
|
Your IP Address is:
000.000.000.000