The PCI DSS compliance framework has been a staple in the cybersecurity realm for businesses handling credit card transactions. The Payment Card Industry Data Security Standard was developed to encourage and enhance payment card account data security. It helps define consistent security... Read More
Compliance
Categories
NIST 800-53 guidelines and requirements
To help increase their cybersecurity posture and successfully meet compliance regulations, organizations must consult the latest guidance regarding security and privacy controls for securing business-critical data. The National Institute of Standards and Technology (NIST) is a respected authority for... Read More
How to make your password policy NCSC compliant
The National Cyber Security Centre (NCSC), formerly known as the CESG, introduced new Cyber Essentials password recommendations to combat the swell of data breaches. What was once perceived as a best practice, such as password complexity, is now considered... Read More
NIST MFA guidelines: Make sure you’re compliant
End-user passwords are often the weakest link in IT security, providing the path of least resistance for an attacker looking to penetrate business systems. Users commonly choose easy to remember, and consequently, easy to compromise passwords. According to Verizon’s... Read More
2022-2023 NIST 800-63b Password Guidelines and Best Practices
The most basic form of authentication is the password. Despite many advancements in cybersecurity, the username and password, although outdated, are still used as the most common form of authentication today. Enterprise environments have long used password policies to... Read More
Active Directory reversible encryption explained
If you have administered password policies in Active Directory or looked at the local policies present in the Windows client operating system, you may have noticed an interesting setting contained in the Account policies section. The setting is Store... Read More
Australia’s Cyber Security Strategy and stolen credentials
To address the growing number of cyber threats, Australia released a new version of the Australia’s Cyber Security Strategy 2020 on August 6, 2020. The 2020 version of the strategy replaces the earlier strategy from 2016, and will be delivered through the combined efforts... Read More
Password Policy Compliance Report in Specops Password Auditor
Organizations looking to evaluate how well their existing password policies measure up against different compliance standards may benefit from running a free scan with Specops Password Auditor. One of the reports Password Auditor provides is the Password Policy Compliance report.... Read More
What is Gramm-Leach Bliley Act (GLBA)?
The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, requires financial institutions to explain their information-sharing practices to their customers, and to safeguard sensitive data. The GLBA applies to all companies that offer consumer financial products or services like loans, financial or investment advice, or... Read More
CIS Benchmark Password Policy
With technology constantly evolving, cybersecurity organizations are helping people, businesses, and governments with best practices to protect themselves against emerging threats. The Center for Internet Security (CIS) is one of these advisement groups. The CIS Controls and CIS Benchmarks provide globally recognized best practices for security IT systems and... Read More