Reading Time: 6 minutes
What is Zero Trust Security?
Zero Trust security is the concept, methodology, and threat model that assumes no user, system, or service operating within a secured internal environment should be automatically trusted. It put forward that every interaction must be verified when trying to connect to a system before being granted access. This concept uses micro-segmentation, and granular edge controls based on user rights, application access levels, service usage, and relation to the location to determine whether to trust a user, machine, or application seeking to access a specific part of an organization.
Continue reading “How to Implement Zero Trust Security in 5 Steps”
Reading Time: 7 minutes
In this tutorial, we will look at several methods that are used to compromise a website. In today’s world, websites use multiple procedures that represent the core functions of a modern business. Whether you have an eCommerce site or a business card site, a website is essential for driving business growth. We can safely state that a website is a unique image of your respective business.
Continue reading “How Was My Website Compromised? “
Reading Time: 4 minutes
What is the relationship between an SSL and TLS? Most of us are familiar with SSL (Secure Socket Layer) but not TLS (Transport Layer Security). Both protocols are used to transmit online data securely between two endpoints. SSL is older than TLS, but all SSL certificates can use both SSL and TLS encryption. TLS is the replacement protocol to SSL as TLS is the updated version of the SSL protocol. TLS operates similarly to SSL by using encryption methods to ensure secure communication.
Continue reading “SSL vs TLS”
Reading Time: 20 minutes
What is Lynis?
Lynis is a well known, seasoned security tool for Linux based systems (including macOS and/or other Unix-based operating systems. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open-source software with the GPL license and available since 2007.
Continue reading “Lynis: A Security Auditing Tool For Linux”
Reading Time: 2 minutes
What Is PCI Compliance?
For any business that handles Credit Card data, in anyway
, there is a set of rules and standards they must follow. These rules and regulations are called Payment Card Industry Data Security Standard. Or PCI-DSS for short, however this is often simplified to just ‘PCI Compliance’.
These standards were put in place by major Credit Card companies to ensure data security. These standardized rules greatly simplify securing credit card data as they allow businesses to track a single standard. In the past each credit card network had their own standard which made it hard for users to be compliant. Continue reading “What Is PCI Compliance?”
Reading Time: 6 minutes
If you process credit cards on a website, your site needs to be in compliance with the Payment Card Industry Data Security Standard. (This is abbreviated as PCI DSS, and even more often referred to simply as PCI.) PCI compliance certifies that your organization takes all necessary steps to protect sensitive customer data and provides a set of standards for your infrastructure and server setup. While Liquid Web does not offer full PCI compliance certification, we do offer a separate service that scans your server to see that PCI DSS requirements are met, a great tool during the compliance process.
Continue reading “Ensure Your Electronic Payments are PCI DSS Compliant”