ControlScan Blog


Stay informed with the latest security + compliance updates, news and best practices.



        Featured        

June 6, 2016Published by

Have you been told your organization needs to comply with certain information privacy and/or security standards, such as PCI, HIPAA, etc.? If so, you may find yourself quickly overwhelmed with all the requirements for bringing people, processes and technology into “compliance.” Yes, compliance can suck.

  Read More   


May 20, 2016Published by

Your Company is Under AttackYour company’s networks are being probed, prodded and attacked countless times every day. Unless you’re watching your logs, you’re likely unaware all this activity is taking place. Awareness, being a critical element of an effective defense, is important to cultivate and nurture.The Science Behind the “Pen Test”How do you gain insight […]

  Read More   


May 2, 2016Published by

Split Decisions Cost Big BucksOne of the worst things that can happen to a convenience store manager is their cooler shutting down without their knowledge. Beer gets warm and food spoils, translating into hundreds of dollars lost.But what’s worse than a cooler shutting down? A firewall “shutdown.”Let’s assume a third party comes in to implement […]

  Read More   


January 25, 2016Published by

Whether it is PAN data (credit card numbers), ePHI, PII or intellectual property, the rationale is all the same; disclosing any sensitive data can be a nightmare for your company or product’s future. This post, however, is focused on cardholder data, because businesses with POS environments are the most commonly breached entities that exist and quite frankly, their average security posture is pretty low.

  Read More   


November 18, 2015Published by


Moving infrastructure and applications to the cloud enables a whole new level of connectedness for your organization and customers. Its accessibility and on-demand scalability make it an ideal platform for many evolving businesses. But, because it changes much of what we know about the traditional IT environment, there are some very real risks involved—even if hosting with a major service provider. Learn more about balancing the risk and reward of going to the cloud.

  Read More   


August 12, 2015Published by

Google has published some interesting statistics in continuation with their #NoHacked campaign: Over the past year, Google has noticed a 180% increase in the number of websites getting hacked. Google also offers some tips to protect your website from getting hacked. Unfortunately, the advice they offer, while good, is very basic and will only protect you to a point.

  Read More   


July 1, 2015Published by

You may have heard that EMV is a safer technology, which is why the banks and card brands want you to use it. So why would I say that EMV is not a security technology?

  Read More   


June 17, 2015Published by

Password managers are a critical component of authentication security. The average user has no less than 40 online accounts, and people who work in IT can easily have over 1000 accounts. Unless you somehow possess the mental capacity to memorize unique, random passwords for all of those accounts, you need a way to securely create and manage passwords for you.

  Read More   


April 17, 2015Published by

Earlier this year, information began to filter out to SMBs regarding America’s shift to EMV payment technology. Unfortunately, you may have found these communications left you with more questions than answers. While it may be confusing, your business’s shift to EMV is essential to its long-term success.

  Read More   


February 4, 2015Published by

The rapid growth and infusion of the Internet of Things (IoT) in everyday life has correspondingly seeped into the workings of everyday business. Security cameras, energy management systems, digital menu boards, kiosks, LED light bulbs, thermostats, medical devices, etc., are examples of Internet-connected components that, when connected to a business network, become points of vulnerability (PoVs) and therefore must be securely managed.

  Read More   


December 2, 2014Published by

Last week, Inc.com featured a great piece by Electronic Transactions Association CEO Jason Oxman. “A Cybersecurity Checklist for Online Retailers” lists important steps online startups and small businesses can take to protect sensitive data. As the U.S. migrates to EMV (i.e., chip cards), it is expected that fraud activity in the world of ecommerce will increase significantly.

  Read More