The Monthly “Steal” by David Steele
The Monthly “Steal” is a bit of relevant technology information intertwined with personal thoughts, opinions and some real life experiences. It is written by David “Steele” and is free, hence a “steal” from a “Steele”.
Intrada’s sister company, PRWorks, is available to work with clients in the event of a data security breach. This could include media management, press releases, strategic planning and remediation of the breach.
Network Security is critical to successful business growth. With the growing security threats associated with financial, medical and personal information, businesses need to take security seriously to prevent a security breach. As a key provider of IT management and support, Intrada has invested in audit compliance reporting and monitoring software to ensure our clients’ network configurations are SOX, HIPAA or PCI compliant in real time. This provides the highest level of monitoring and tools to help prevent a security breach.
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) is a critical piece of legislation in the United States aimed at protecting sensitive patient health information. Enacted in 1996, HIPAA established comprehensive standards for the privacy and security of medical data, ensuring that healthcare providers, insurers, and other related entities handle patient information responsibly. The Act sets national standards for electronic health care transactions and addresses the security and privacy of health data. It is essential for organizations handling health information to comply with HIPAA regulations to safeguard patient privacy and ensure the integrity and confidentiality of the data. https://www.hhs.gov/hipaa/index.html
PCI
The Payment Card Industry Data Security Standard (PCI DSS) is a framework established to ensure the security of credit, debit, and other payment card transactions and protect cardholders from misuse of their personal information. Developed by the Payment Card Industry Security Standards Council (PCI SSC), which was founded by major credit card companies including Visa, MasterCard, American Express, Discover, and JCB, PCI DSS provides a set of comprehensive data security requirements applicable to all entities involved in processing card payments.
The standard covers a broad array of security measures, including but not limited to managing network security, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy. By adhering to PCI DSS, organizations can significantly reduce the risk of data breaches and cyber attacks aimed at stealing payment card information.
Compliance with PCI DSS is mandatory for any organization that stores, processes, or transmits payment card data, regardless of size or number of transactions. The standard is divided into six major goals and 12 requirements, creating a structured approach to securing payment environments:
Build and Maintain a Secure Network and Systems
  - Install and maintain a firewall configuration to protect cardholder data.
  - Do not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data
  - Protect stored cardholder data.
  - Encrypt transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program
  - Protect all systems against malware and regularly update anti-virus software or programs.
  - Develop and maintain secure systems and applications.
Implement Strong Access Control Measures
  - Restrict access to cardholder data by business need-to-know.
  - Identify and authenticate access to system components.
  - Restrict physical access to cardholder data.
Regularly Monitor and Test Networks
  - Track and monitor all access to network resources and cardholder data.
  - Regularly test security systems and processes.
Maintain an Information Security Policy
  - Maintain a policy that addresses information security for all personnel.
Adhering to PCI DSS not only helps businesses protect sensitive data and foster customer trust but also aligns them with legal and regulatory requirements concerning data protection. Thus, the PCI DSS serves as a critical component in the overall cybersecurity strategy for any organization handling payment card transactions.
Intrada also provides security training and procedure management to help educate your employees on the safeguards and acceptable usage of the company network. Training packages are customized to support corporate policies and procedures with a focus on IT usage.
For more information on Intrada Network Security and Audit Compliance, please contact our office to schedule a free consultation.
If you are interested in learning more about Intrada, give me a call or email me today.
David Steele, Partner / Webmaster

djsteele@intradatech.com
570-321-7370