PCI Scanning Question

E-mail

Wednesday, 19 January 2011 14:01 Written by Donald E. Hester

From time to time I get interesting or pertinent questions from clients, colleagues and readers. I like to post the answers on my blog because I think more people may have the same question.

Here is a question from a reader:
I am looking to be PCI Compliant for our Community College. I have been reading the rules/regulations of PCI and realize that I have to have an internal network vulnerability scan and penetration tests. As well as a file system monitoring software. Add a comment

Risks in the Clouds

E-mail

Tuesday, 07 September 2010 21:03 Written by Donald E. Hester

The Risks of Cloud Computing

Cloud computing is “all the rage” right now. Does this sound nebulous to you? In a pure sense, cloud computing means taking a highly complex infrastructure such as the Internet and hiding all the complexity from the IT service being provided. Living near San Francisco, I guess a better metaphor would have been "fog" computing in that the fog hides everything from you and you only see what's right in front of you. That's what we are talking about when IT services are in the "cloud." However, most people use the term to mean outsourcing an IT function, service, application, storage or hardware. While that technically is Cloud computing, it is only a subset of what cloud computing really is. For this article, I am going to focus on the outsourcing aspect of cloud computing. Add a comment

PCI Deadline & Fine Question

From time to time I get interesting or pertinent questions from clients, colleagues and readers. I like to post the answers on my blog because I think more people may have the same question.

Here is a question from a reader:
"There has been a lot of confusion on what the actual date of when Cities have to be in compliance before we get charged the crazy fee of $10,000 per day? I heard it was December 31, 2010. But there has been rumors going back and forth. Can you please help clarify this for us? Thank you," Add a comment

ACH Fraud on the Rise

FBI released a warning for local governments and small businesses to be on the lookout for ACH fraud.

The FBI issued a press release concerning a significant increase in the last few months of fraud involving the exploitation of valid online banking credentials belonging to small and medium businesses, municipal governments, and school districts. The scam is a type of phsihing attack, whereby the unsuspecting finance person is lured into installing malicious software. The malicious software hides itself and records everything the person does on their computer. The malicious software will record user names and password used for everything including online banking and ACH. The software will then forward the usernames and passwords to the bad guys who will promptly use the information to transfer funds out of the organization’s bank account. Add a comment

PCI Scanning Question

Risks in the Clouds

The Risks of Cloud Computing

PCI Deadline & Fine Question

ACH Fraud on the Rise

More Articles...

File Downloads

Our Facebook