ControlScan Blog


Stay informed with the latest security + compliance updates, news and best practices.



November 25, 2015Published by

Social engineers play to people’s wants and needs, focusing on the mental triggers that can make a person do something. Learn what you can do to combat it.

  Read More   


November 18, 2015Published by


Moving infrastructure and applications to the cloud enables a whole new level of connectedness for your organization and customers. Its accessibility and on-demand scalability make it an ideal platform for many evolving businesses. But, because it changes much of what we know about the traditional IT environment, there are some very real risks involved—even if hosting with a major service provider. Learn more about balancing the risk and reward of going to the cloud.

  Read More   


November 9, 2015Published by

Today’s unprecedented breach activity—and the high costs breached companies are paying as a result—are causing executive teams to sit up and take notice. Those responsible for organizational IT are finding themselves under increasing pressure to reinforce and report on a strong security posture to stakeholders.

  Read More   


October 23, 2015Published by

Phishing remains a top organizational security vulnerability because it involves the exploitation of human weakness. If you have humans at your workplace—and we all do!—then you are at risk.

  Read More   


August 12, 2015Published by

Google has published some interesting statistics in continuation with their #NoHacked campaign: Over the past year, Google has noticed a 180% increase in the number of websites getting hacked. Google also offers some tips to protect your website from getting hacked. Unfortunately, the advice they offer, while good, is very basic and will only protect you to a point.

  Read More   


June 25, 2015Published by

Last week’s news that the popular password manager LastPass had been breached sent many of its users into a panic, rushing to change their “master passwords.” The reality of the situation is, however, that the stolen master password data was well hashed, making it essentially useless to those on the outside. So there’s absolutely no worry then, right? Wrong.

  Read More   


June 17, 2015Published by

Password managers are a critical component of authentication security. The average user has no less than 40 online accounts, and people who work in IT can easily have over 1000 accounts. Unless you somehow possess the mental capacity to memorize unique, random passwords for all of those accounts, you need a way to securely create and manage passwords for you.

  Read More   


April 15, 2015Published by

Many businesses are using outdated SSL and TLS versions as a security control because the software they’re running still supports it. But experts warn that these protocol versions, including SSL 2.0, SSL 3.0 and TLS 1.0, are no longer secure and therefore require action on the business’s part.

  Read More   


April 8, 2015Published by

While your bank is doing all it can to keep cybercriminals from accessing your merchant account, your own staff could be undermining the bank’s efforts.

  Read More   


February 4, 2015Published by

The rapid growth and infusion of the Internet of Things (IoT) in everyday life has correspondingly seeped into the workings of everyday business. Security cameras, energy management systems, digital menu boards, kiosks, LED light bulbs, thermostats, medical devices, etc., are examples of Internet-connected components that, when connected to a business network, become points of vulnerability (PoVs) and therefore must be securely managed.

  Read More   


January 23, 2015Published by

How do you quantify ROI from Security Awareness Training of your employees? This is a question that every IT Security Manager has in his/her mind. Compliance mandates and government legislation exhort companies to roll out Security Awareness Training to employees, but is it worth the investment ?

  Read More   


December 12, 2014Published by

It’s a Tuesday afternoon and the lunch rush is in full swing at your store. Customers form four neat rows at the counter and a line of cars partially encircles the building, inching forward as your drive-through staff scrambles to fulfill each order. You are making the rounds between kitchen and counter, ensuring that all stations are running like clockwork.

  Read More   


December 2, 2014Published by

Last week, Inc.com featured a great piece by Electronic Transactions Association CEO Jason Oxman. “A Cybersecurity Checklist for Online Retailers” lists important steps online startups and small businesses can take to protect sensitive data. As the U.S. migrates to EMV (i.e., chip cards), it is expected that fraud activity in the world of ecommerce will increase significantly.

  Read More   


November 17, 2014Published by

Users of Apple’s iOS (smartphone and tablets) and OS X (Macs) devices have traditionally thought of themselves as being fairly immune from viruses, Trojans and other infections and attacks. The past week’s flurry of articles on WireLurker (and the related Masque attack) called that assumption into question for many, however.

  Read More   


October 24, 2014Published by

The best way to truly strengthen your business’s security posture is to have a sober understanding of your risk and then meet that understanding with practical steps to protect your business against data thieves. With that in mind, here are 5 best practices you can begin implementing today.

  Read More