Blog
Data Security
Most Popular Data Security Articles

Most Popular Data Security Articles

Find out the most-read PCI DSS compliance and data security posts.

Updated
December 13, 2022
Posted
July 1, 2015
Cybersecurity
PCI
Security Budget
Security Tools
Scoping
Data Breaches
Most Popular Data Security Articles

Popular data security articles: the most-read PCI DSS compliance and data security posts.

Because of their complexity, technicality, and ever-changing nature, there’s never a shortage of questions about data security, PCI DSS compliance, and network security. Part of our mission at answer the most commonly asked questions about data security, and to offer educational assistance on how to get your business secure and compliant.

The following is a compilation of the most crucial and consumed data security content on the SecurityMetrics blog.

10. 5 Commonly Overlooked Security Errors

Starting in tenth place, this great article explains common mistakes security auditors, also known as Qualified Security Assessors, find when they go onsite to audit a company’s security practices. There may even be a few security practices in this post that you might be overlooking.

  • Learn how not understanding your scope can seriously affect your security.
  • Why companies make the mistake of thinking policies are just annoying paperwork.
  • Don’t assume log monitoring is just for forensic investigators.

9. 7 Ways to Recognize a Phishing Email

Phishers are getting so good these days that even security professionals have a hard time discerning between real and fake emails. This article provides a great list (and examples!) of the most effective ways to recognize and avoid phishing emails in your personal and business email security strategy.

Phishing example
  • Learn the subtle hints of phishing emails.
  • Understand that just because a link says it will send you to a URL, doesn’t mean it will.
  • Why domain emails are important when discerning a phishing email.

8. Infographic: 61% of Businesses Don’t Protect Customer Cards

PANscan Infographic

Since 2011, SecurityMetrics has examined data from thousands of scans conducted on business networks. The scans were searching for unencrypted payment card data using a credit card data discovery tool called PANscan. This post examines the 2014’s scan results.

7. Visa PCI Enforcement Rules in 2015

Each card brand has different initiatives to help merchants understand the importance of securing customer card data. Visa’s PCI Validation Enforcement Plan places a risk-based focus on noncompliant merchants and third parties that may introduce increase risks into the already-fragile payments system.

Visa Enforcement Rules
  • Learn the penalties for noncompliance after January 1, 2015.
  • What Visa actually meant by noncompliance assessments and risk reduction measures.
  • What the new enforcement plan actually means for noncompliant merchants.

6. Which PCI DSS SAQ Is Right For Me?

The way you process customer credit cards might change which Self-Assessment Questionnaire you are required to fill out to maintain PCI DSS compliance. Now that the PCI standard has recently changed (versions 3.0 and 3.1), merchants are having a hard time identifying which SAQ is right for their particular business.

  • Determine which SAQ is appropriate for you.
  • See an entire list of PCI SAQs updated to reflect the most recent PCI 3.0 changes.
  • Learn why accurately filling out an SAQ is a PCI requirement.

5. PCI FAQ

When small to medium merchants call in to SecurityMetrics to get help with their data security, these are the questions we hear and answer most often.

  • Learn the difference between compliance and validation.
  • Answer the question: who is required to be PCI compliant?
  • Understand why PCI DSS is not a federal law.

4. Shellshock: Be Wary But Don’t Panic

A handful of big vulnerabilities were publicly exposed in 2014, but one of the biggest was Shellshock. Many people were panicking without fully understanding the situation. We wrote this post to expose the truth about the bug, and what you can do to secure your systems.

  • Why bugs like Shellshock exist.
  • Who is affected by Shellshock?
  • How do you fix this vulnerability?

See also: SecurityMetrics PCI Guide

3. PCI 3.1: Stop Using SSL and Outdated TLS Immediately

Just months after merchants felt comfortable with PCI 3.0’s changes, now there’s something new to understand. According to the PCI Council’s newest version of the PCI DSS (PCI DSS 3.1), SSL has been removed as an example of strong cryptography. This blog post explains exactly what PCI 3.1’s newest changes mean, and what you should know to accurately comply.

  • How will PCI 3.1 affect you?
  • How to tell if you’re using SSL or outdated TLS protocols.
  • Advice for complying with this new version of PCI DSS.

2. Crucial Security Advisory: Patch Windows Immediately Against WinShock

Pretty much every Microsoft Windows system was affected by the WinShock vulnerability publicly released in November 2014. There are over 1 billion Windows PCs in the world today, so this vulnerability came as a shock. This post explains the who, what, when, where, and why.

  • Exactly which systems are affected?
  • How does the vulnerability work?
  • What you can do to protect against this vulnerability in your Windows systems.

1. The Ultimate Guide to PCI DSS 3.0

Each of our PCI 3.0 blog posts were in the top 10, so we just combined them into our #1 most read blog post: our ultimate guide to PCI DSS 3.0. PCI DSS 3.0 brought about some big changes (and confusion) for merchants. This compilation post includes each of SecurityMetrics’ best PCI DSS 3.0 blog posts.

  • An ebook explaining the ecommerce merchant’s guide to PCI DSS 3.0.
  • Webinars explaining key PCI 3.0 requirements.
  • FAQ about PCI DSS 3.0.

Join Thousands of Security Professionals.

Subscribe Now

Get the Guide To PCI Compliance

Download

Get a Quote for Data Security

Request a Quote
Stay up to date
Subscribe to our blog.
Subscribe Now
Data Security
Vulnerability ScanningPenetration TestingSecurity TrainingPANscan®SecurityMetrics VisionSecurityMetrics MobileCIS Controls AssessmentConsultingResellerForensic/Incident ResponseData and Network SecurityData Security AcademyWebpage Integrity Monitoring (WIM)Shopping Cart Inspect (PCI Req. 11.6.1)Shopping Cart Monitor (PCI Req. 11.6.1)SecurityMetrics Pulse
Compliance
GDPR CompliancePCI CompliancePCI DSS AuditPCI Level 4 ProgramPA-DSS/SSF AuditP2PE AuditPIN Security AssessmentPCI PoliciesPCI TrainingHIPAA ComplianceHIPAA PoliciesHIPAA TrainingHealth Network ProgramHITRUST
Company Info
About UsBlogGlossaryMedia RelationsCareersTerms of UsePrivacyAbuseDo Not Sell My Information
Contact
Contact UsReport a Vulnerability
SecurityMetrics podcast logoLinkedIn logoFacebook logo
© 2025 SecurityMetrics, Inc. All rights reserved.
Privacy PolicyTerms and Conditions
Your IP Address is:
YouTube logoSecurityMetrics podcast logoLinkedIn logoFacebook logo
Subscribe to our blog
Subscribe Now
© 2025 SecurityMetrics, Inc. All rights reserved.
Privacy Policy
|
Terms and Conditions
|
Your IP Address is:
000.000.000.000