The Perils of Relying on P2PE

August 21, 2018 • Published Categories PCI 101Tags , , ,
P2PE is no security silver bullet!

Point-to-point Encryption (P2PE) is an awesome tool for securing retailers’ payment card data. ControlScan highly recommends it in every environment where it’s feasible and cost effective to do so. (We operate security infrastructure in many retail environments with integrated POS systems, where P2PE is either … Read more

Your Quick Guide to PCI Scanning Success

July 9, 2018 • Published Categories PCI 101Tags , ,
PCI Scanning ASV

An ongoing requirement of the PCI compliance process involves having your payment card environment scanned for security vulnerabilities. For most businesses, PCI scanning must be conducted by an Approved Scanning Vendor (ASV) at least quarterly, as well as following any major change to your environment. … Read more

Why ASV Whitelisting is Both Normal and Essential for a Successful PCI Vulnerability Scan

October 30, 2017 • Published Categories PCI 101Tags ,
Is ASV whitelisting “cheating”?

“Why am I being asked to whitelist ControlScan’s IP address as part of your ASV service? Doesn’t bypassing my IPS defeat the purpose of a PCI vulnerability scan?” ASV whitelisting is one of the most common questions our Vulnerability Management team receives, so let’s dive … Read more

How Website Security Gets Breached: 3 Common Errors and 3 Basic Fixes

June 7, 2017 • Published Categories PCI 101Tags , ,
Website security: 3 common errors, 3 basic fixes

The bad guys don’t care what—or how much of it—you sell online. Today’s e-commerce businesses are in hackers’ cross hairs for many reasons, not the least of which is their ease of access. With the Internet as their gateway, every single e-commerce business is an … Read more