ControlScan Blog


Stay informed with the latest security + compliance updates, news and best practices.



July 16, 2017

Payment card data security isn’t a new concept, yet businesses everywhere still can’t get it right. The payment card industry has a growing body of standards, merchants and technology providers strive to follow them, and consumers continue to demand them. But payment card data breaches still happen. Regularly. Why? It’s time we upped the ante on our efforts to help merchants protect themselves.



January 9, 2017

Each information security framework was created for a purpose, but the shared goal is some form of assurance that sensitive data is effectively protected. Unfortunately, compliance requests vary by client and too frequently are based on incorrect assumptions or a check-list mentality that jeopardizes true information security. Identifying the right security framework (or set of frameworks) for your organization not only provides real information security assurance, it also gives you the opportunity to consolidate the audits you’re conducting or undergoing to save valuable time and money.



November 15, 2016

Third party relationships make your life easier in a multitude of ways, from streamlining processes, to providing additional human resources, to ensuring operational efficiency. Unfortunately, these relationships also introduce increased business risk related to data security and compliance. If one or more of your third party vendors doesn’t maintain a strong security posture and is consequently compromised, your business could very well end up sharing the burden of recovery. Read this ControlScan blog post for three steps you can take to lessen your business’s third party risk.



July 12, 2016

Event log monitoring—or keeping an eye on your system logs for security and compliance purposes—can be a challenge. Here at ControlScan we see businesses and their IT teams struggling with its implementation and/or maintenance just about every day.



June 6, 2016

Have you been told your organization needs to comply with certain information privacy and/or security standards, such as PCI, HIPAA, etc.? If so, you may find yourself quickly overwhelmed with all the requirements for bringing people, processes and technology into “compliance.” Yes, compliance can suck.



May 20, 2016

Your Company is Under Attack

Your company’s networks are being probed, prodded and attacked countless times every day. Unless you’re watching your logs, you’re likely unaware all this activity is taking place. Awareness, being a critical element of an effective defense, is important to cultivate and nurture.

The Science Behind the “Pen Test”

How do you gain insight […]



May 2, 2016

Split Decisions Cost Big Bucks

One of the worst things that can happen to a convenience store manager is their cooler shutting down without their knowledge. Beer gets warm and food spoils, translating into hundreds of dollars lost. But what’s worse than a cooler shutting down? A firewall “shutdown.” Let’s assume a third party comes in to implement […]



March 30, 2016

Do you REALLY know where you stand with compliance and security? Are you faced with the dilemma of digging more deeply into your IT security and compliance posture or simply assuming it’s handled because your providers say they’re PCI compliant? Many online retailers really don’t understand exactly where a provider’s coverage stops and where theirs starts…and […]
