Questions? Contact Us

 

Latest News

Featured News & Events

PCI DSS and SSL v 3

With widespread and disastrous SSL/TLS vulnerabilities taking place such as POODLE and FREAK, SSL and early TLS versions are no longer considered strong cryptography and any web site that still uses them is insecure.

According to the new rules in PCI DSS v3.1, companies have until June 30, 2016 to update to a more recent version of TLS (1.1 or higher). Prior to this date, existing implementations using SSL or an early TLS must have a formal risk mitigation and migration plan in place.

The PCI DSS v3.1 requirements directly affected are:

  • Requirement 2.2.3 Implement additional security features for any required services, protocols, or daemons considered insecure.

  • Requirement 2.3 Encrypt all non-console administrative access using strong cryptography.

  • Requirement 4.1 Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks.

ZZ Servers is here to help you meet these new requirements. We have tools and procedures in place to quickly implement required changes and help you maintain the security and compliance of your PCI infrastructure. Please contact your Account Manager as soon as possible so we can help you implement the required changes.

GHOST - The latest Linux Vunlerability
ZZ Servers Founder Attending Largest Annual Hacker...

Related Posts

 

Tag Cloud

Credit Card Security Assigned Names cli Control Panel National Cyber Security Awareness Month Interworx-CP SSL ipad PCI DSS 3.2 PCI anti virus spoofing protect data INFOSEC cyber monday recovering data Debian support security hosting control panel CentOs spf vulnerability scanning IT services shared secure hosting Positive Customer Impact Vulnerability eCommerce cyber protection Health Insurance Portability InterWorx trends two factor authentication healthcare solutions Sysadmin arduino cybersecurity Payment Card Industry blackberry teensy David Zendzian Hackers HIPAA solutions PCI Data Security Standards Las Vegas PCI compliance Hosting Car Hacking QSA business solutions Scalable Redundant Cloud Infrastructure shared folders kerio exchange personal information Small Business cyber intrusion detection Accountability Act Firetalk cloud cyber monitoring Shmoocon Linux Windows businesses PCI Audit amazon ec2 malicious software Continuous Monitoring IT PCI Solutions Business Planning Health Care Cybersecurity GDPR cyber security PCI Hosting vps Information Technology Reports iphone follow.The HIPAA Privacy Rule Internet infrastructure Xen passwords motivation employee training change members area infrastructure DRP email accounts Online Business Cloud Computing Announcement compliant hosting phishing attacks business community eCommerce Solutions PCI Compliance dss HIDS VPS Servers log files sender policy ZZ Servers TiaraCon video Healthcare Records command line ICANN assesment Compliance social engineering Alarm physical security education windows 7 pci complliant hosting computer security data privacy mail server Disaster Recovery Plan HIPPA permissions phishing smartphone cyber liability insurance safe computing IT solutions spam ZZ Servers Co-Founder data breach password TLS HIPAA Solutions Credit Cards Domani Names business solitions embedded business Medical Solutions qsa IT Solutions compliance computing in the cloud Cybersecurity Business Solutions Security Medical Records credit card OSSEC activesync caller-id shared hosting HIPAA logical security Zendzian dsbl Internet Corporation credit cards stolen physical Email shared server information technology Cybersecurity cell phone email openssl apache lamp Internet small business multi-factor authentication PCI Service Provider security circles backup solutions Geekend data protection Web Hosting Presentation vyatta router firewall filter security PCI HIPAA cloud infrastructure Charleston credit card payment health care providers Server Mangement management black friday DEF CON BSides search Ubuntu bash Business Solutions network World Backup Day computer networks Home Depot Breach IT security IT Services