The Payment Card Industry Data Security Standard is a voluntary security framework to help protect customers and merchants against the theft of credit card data during POS transactions. Like many other compliance frameworks, PCI DSS has continually evolved over the years to match new technologies and new threats to the privacy of consumers shopping online and off. As of 2021, the PCI Security Standards Council has announced the newest version of PCI DSS, version 4.0.

While the official documentation for the updated standard has, as of March 2021, not been released, many merchants and banks are preparing for the transition. Here are some basics into PCI DSS and the move to version 4 coming Summer 2021. 

Read More

Any IT or cloud provider working with the government needs to show that they are secured against data breach or theft. As the SolarWinds hack has demonstrated, our interconnected technology systems are under attack from outside entities who want to gain access to critical civil, military, and industrial data and undermine our security. That’s why frameworks like FedRAMP and CMMC exist. 

But do these frameworks play well together? As of right now, there isn’t a clear 1-to-1 relationship between the two. But some similarities between the two could help cloud service providers who want to work with defense agencies prepare their systems for CMMC compliance if they currently have FedRAMP certification. 

Read More

The Department of Defense has made a significant push to improve the security of its cyberinfrastructure and supply chain (known as the Defense Industrial Base), and the result of this push is the Cybersecurity Maturity model Certification (CMMC) initiative. This framework uses existing security guidelines to provide an overview of necessary security requirements for federal contractors working with the DoD.

This framework isn’t just for large corporations. Many DoD agencies work with small and mid-sized businesses to leverage flexible cloud platforms, SaaS technology, or other IT services. That’s why it is just as important for SMBs to consider the impact of CMMC on their business now and over the next 5 years. 

Read More