IT Risk Assessment
To prevent any risk of a security breach, it is always a good idea to conduct a periodic risk assessment. A risk assessment will help identify the areas where your company is most susceptible to an attack from a hacker or thief. The fall-out from a security breach is enough to shutdown any business, but has the greatest impact on small businesses. In the event of a security breach a business could be hit with fines, additional compliance requirements, as well as bad publicity, any of which could be enough to force a business to close its doors and be out-of-business. Making security a priority and routinely assessing your security posture can protect your company against potential threats and reduce its risk exposure.
PCI Task Calendar
PCI compliance is comprised of over 200 individual requirements. Many of the requirements in the PCI DSS must be maintained throughout the year and conducted on a recurring basis. To help your organization stay on top of PCI compliance and be prepared for the next PCI assessment, we have put together a list of key requirements and recurring tasks.
Vulnerability Scanning from AWS
At Aeris Secure, we really enjoy Amazon's infrastructure, AWS. Like most organizations, we went from having a sense of pride in our nice physical servers to eventually resenting the trips to the collocation that cloud providers make unnecessary. We enjoy all of the services that one can access with the flip of a switch, most of which require little configuration and monitoring overhead to keep running.
Dairy Queen Data Breach Impacts Arizona Business Owners
After a few weeks of speculation, Diary Queen has confirmed that nearly 400 locations were compromised in a recent data security breach. Among the 400 locations affected, 9 were local Arizona businesses.
Wi-Fi for SMB - Things to Consider
I came across a good little article [^1] earlier in the week about setting up guest Wi-Fi and I think it should really hit home with many small business owners. Simply throwing up a wireless access point and connecting it to the rest of your network so guests can have internet access is a great way to cause yourself a whole lot of pain. Not only does doing something like that have harsh PCI compliance ramifications, your systems are wide open to anyone connecting to your Wi-Fi. Depending on the range your access point allows you could have a data breach without the attacker even setting foot on your property giving any physical controls you may have in place a zero chance of working.