What is the relationship between an SSL and TLS? Most of us are familiar with SSL (Secure Socket Layer) but not TLS (Transport Layer Security). Both protocols are used to transmit online data securely between two endpoints. SSL is older than TLS, but all SSL certificates can use both SSL and TLS encryption. TLS is the replacement protocol to SSL as TLS is the updated version of the SSL protocol. TLS operates similarly to SSL by using encryption methods to ensure secure communication.Continue reading “SSL vs TLS”
What is Lynis?
Lynis is a well known, seasoned security tool for Linux based systems (including macOS and/or other Unix-based operating systems. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open-source software with the GPL license and available since 2007.Continue reading “Lynis: A Security Auditing Tool For Linux”
Reading Time: 2 minutes
What Is PCI Compliance?
For any business that handles Credit Card data, in anyway, there is a set of rules and standards they must follow. These rules and regulations are called Payment Card Industry Data Security Standard. Or PCI-DSS for short, however this is often simplified to just ‘PCI Compliance’.
These standards were put in place by major Credit Card companies to ensure data security. These standardized rules greatly simplify securing credit card data as they allow businesses to track a single standard. In the past each credit card network had their own standard which made it hard for users to be compliant. Continue reading “What Is PCI Compliance?”
Reading Time: 6 minutesIf you process credit cards on a website, your site needs to be in compliance with the Payment Card Industry Data Security Standard. (This is abbreviated as PCI DSS, and even more often referred to simply as PCI.) PCI compliance certifies that your organization takes all necessary steps to protect sensitive customer data and provides a set of standards for your infrastructure and server setup. While Liquid Web does not offer full PCI compliance certification, we do offer a separate service that scans your server to see that PCI DSS requirements are met, a great tool during the compliance process.