ControlScan Blog

Posts Tagged: Encryption



  1. Home
  2. ControlScan Blog
  3. Posts Tagged: Encryption

Crypto-Agility in the Era of Quantum

March 23, 2020Published by

While quantum capabilities are still a few years out, it’s important to be thinking about their future impacts to our crypto systems today. How will we prepare and upfit our systems to meet the challenge of tomorrow’s adversaries? There are four important things we need to be thinking about when building crypto-agility into our applications and systems for the coming quantum era.

  Read More   

Maintaining Data Privacy: Where’s the Line?

March 10, 2020Published by

The more we think about data privacy, the more we realize how complex it truly is. From both the technical and the legal side, there are new capabilities that are exciting and offer an incredible capacity for use cases we haven’t even considered. Some of the topics discussed at the RSA 2020 Conference that are worthy of consideration focus on these new and emerging services, and how they must be viewed through the lens of personal privacy.

  Read More   

PCI PIN Security: v3.0 and QPA Program Now in Effect

October 10, 2019Published by

As of last week—October 1 to be exact—all new assessments for protection of payment card personal identification number (PIN) data must be performed against the latest Payment Card Industry (PCI) PIN Security Requirements and Testing Procedures, version 3.0. The now-effective PCI PIN Security Standard includes changes to requirements and sunset dates that may have a […]

  Read More   

Don’t Confuse P2PE and Firewall Functionality

July 24, 2017Published by

The ability to devalue credit card data has made point-to-point encryption (P2PE) technology a hot topic among franchisors. And what’s not to love? With a PCI P2PE solution in place, your franchise can check off that PCI compliance box as well as rest assured that your payment transactions are safe and secure.But is securing your credit card transactions between the POS and the payment processor all your business should worry about? Does implementing P2PE make every other security technology irrelevant to your business?

  Read More   

New Data Security Warning for FTP Use in Healthcare

April 19, 2017Published by

FTP servers are essential for sharing files and data, but healthcare providers continue to utilize them in an insecure manner. Just last year, the ControlScan Security Consulting team saw this in action within a large healthcare organization. What happens when FTP goes wrong and how can you prevent your FTP server from leaking ePHI? Read on to find out.

  Read More   

Protecting Sensitive Information in Memory

January 25, 2016Published by

Whether it is PAN data (credit card numbers), ePHI, PII or intellectual property, the rationale is all the same; disclosing any sensitive data can be a nightmare for your company or product’s future. This post, however, is focused on cardholder data, because businesses with POS environments are the most commonly breached entities that exist and quite frankly, their average security posture is pretty low.

  Read More   

EMV is Not a Security Technology

July 1, 2015Published by

You may have heard that EMV is a safer technology, which is why the banks and card brands want you to use it. So why would I say that EMV is not a security technology?

  Read More   

Guest Wi-Fi Security Best Practices

October 24, 2014Published by

“Excuse me, do you have WiFi?” While you may find the increased frequency of that question irritating, there’s no denying it: Your customers crave connectivity. And if you don’t provide it today, they will go elsewhere tomorrow.

  Read More   




Back to Top