The following instructions will guide you through the SSL installation process on Tomcat. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions and disregard the steps below.
The following instructions will guide you through the CSR generation process on Microsoft IIS 7. To learn more about CSRs and the importance of your private key, reference our Overview of Certificate Signing Request article. If you already generated the CSR and received your trusted SSL certificate, reference our SSL Installation Instructions and disregard the steps below.
1. Open Internet Infor…
PCI DSS compliance is a requirement for any organization that accepts payment cards. There are numerous PCI DSS requirements, all aimed at ensuring your customers’ payment card information is kept safe and secure. One of those requirements, 11.2.2, requires external vulnerability scanning.
- 11.2.2 Perform quarterly external vulnerability scans, via an Approved Scanning Vendor (ASV) approved by the
PCI DSS, more formally known as the Payment Card Industry Data Security Standards, serves as the compliance framework that regulates companies accepting payment cards. It’s a common-sense regulation that basically mandates businesses follow certain security best practices in order to safeguard the sensitive information they collect. It’s what governs all organizations that take payment cards…
PCI DSS affects any organization that accepts payment cards. Turns out that’s most businesses. And it also just so happens that payment cards are a lucrative and enticing target for enterprising cybercriminals. That makes PCI DSS compliance doubly important. Not only are you in line for fines and penalties for non-compliance, but the very relationships that form the foundation of your business – y…
Calculating how much it will cost to become compliant with PCI-DSS requirements
Many organizations view compliance as a binary: you’re either compliant or you’re not. But that’s not necessarily how all compliance frameworks work. Many, like HIPAA and PCI DSS, view compliance in terms of degrees – focusing on how compliant (or not compliant) an organization is rather than looking at it like a yes/no…