ControlScan Blog


Stay informed with the latest security + compliance updates, news and best practices.



May 1, 2020Published by

We can learn a lot from the same protective measures that are working to defeat this insidious coronavirus enemy. The parallels are striking between the social and professional measures that are swiftly becoming business-as-usual, and the security measures that should have been business-as-usual all along. Now may be the perfect time to remind ourselves of a few.

  Read More   


August 13, 2019Published by

A new exploit known as e-commerce skimming is making the rounds. The PCI SSC recently released a blog warning of the growing threat of digital skimming, followed immediately by a bulletin from Visa warning of the same. There are three important areas to consider that will help protect your website from e-commerce skimming.

  Read More   


June 6, 2016Published by

Have you been told your organization needs to comply with certain information privacy and/or security standards, such as PCI, HIPAA, etc.? If so, you may find yourself quickly overwhelmed with all the requirements for bringing people, processes and technology into “compliance.” Yes, compliance can suck.

  Read More   


May 20, 2016Published by

Your Company is Under Attack Your company’s networks are being probed, prodded and attacked countless times every day. Unless you’re watching your logs, you’re likely unaware all this activity is taking place. Awareness, being a critical element of an effective defense, is important to cultivate and nurture. The Science Behind the “Pen Test” How do […]

  Read More   


May 2, 2016Published by

Split Decisions Cost Big BucksOne of the worst things that can happen to a convenience store manager is their cooler shutting down without their knowledge. Beer gets warm and food spoils, translating into hundreds of dollars lost.But what’s worse than a cooler shutting down? A firewall “shutdown.”Let’s assume a third party comes in to implement […]

  Read More   


January 25, 2016Published by

Whether it is PAN data (credit card numbers), ePHI, PII or intellectual property, the rationale is all the same; disclosing any sensitive data can be a nightmare for your company or product’s future. This post, however, is focused on cardholder data, because businesses with POS environments are the most commonly breached entities that exist and quite frankly, their average security posture is pretty low.

  Read More   


November 18, 2015Published by


Moving infrastructure and applications to the cloud enables a whole new level of connectedness for your organization and customers. Its accessibility and on-demand scalability make it an ideal platform for many evolving businesses. But, because it changes much of what we know about the traditional IT environment, there are some very real risks involved—even if hosting with a major service provider. Learn more about balancing the risk and reward of going to the cloud.

  Read More   


August 12, 2015Published by

Google has published some interesting statistics in continuation with their #NoHacked campaign: Over the past year, Google has noticed a 180% increase in the number of websites getting hacked. Google also offers some tips to protect your website from getting hacked. Unfortunately, the advice they offer, while good, is very basic and will only protect you to a point.

  Read More   


July 1, 2015Published by

You may have heard that EMV is a safer technology, which is why the banks and card brands want you to use it. So why would I say that EMV is not a security technology?

  Read More   


June 17, 2015Published by

Password managers are a critical component of authentication security. The average user has no less than 40 online accounts, and people who work in IT can easily have over 1000 accounts. Unless you somehow possess the mental capacity to memorize unique, random passwords for all of those accounts, you need a way to securely create and manage passwords for you.

  Read More   


April 17, 2015Published by

Earlier this year, information began to filter out to SMBs regarding America’s shift to EMV payment technology. Unfortunately, you may have found these communications left you with more questions than answers. While it may be confusing, your business’s shift to EMV is essential to its long-term success.

  Read More   


February 4, 2015Published by

The rapid growth and infusion of the Internet of Things (IoT) in everyday life has correspondingly seeped into the workings of everyday business. Security cameras, energy management systems, digital menu boards, kiosks, LED light bulbs, thermostats, medical devices, etc., are examples of Internet-connected components that, when connected to a business network, become points of vulnerability (PoVs) and therefore must be securely managed.

  Read More