ISO 17025 and Requirements for Security Labs and Testing

iso 17025 featured

When we discuss cybersecurity, it’s most often done in the context of audits, assessments, or certifications. However, specific systems and components require more stringent testing standards, ensuring that the technology functions correctly and securely after construction or during ongoing operational use. 

To support the testing and assurance of these components, the National Institutes of Standards and Technology (NIST) operates a program to align testing and laboratory standards with ISO 17025, the international framework for lab calibration and competence. 

Read More

What Is In-Transit Cryptography?

in transit cryptography featured

Data encryption is a crucial part of cybersecurity. The standard data states (at rest, in transit, and use) all present unique and challenging vulnerabilities that can expose that data to unauthorized parties. No vulnerability is more apparent than having that data stolen and viewed by people who shouldn’t be looking. 

That’s where in-transit encryption comes into play. With in-transit encryption, you can meet your compliance requirements and ensure that your data, and the data of your patients and customers, remain confidential.

 

Read More

Protecting PAN According to PCI DSS Rules

PAN featured

It’s crucial that any company handling consumer cardholder information, including card numbers, protect that information from any and every unauthorized user. The PCI Security Standards Council has determined that to promote security and usability, it’s not enough to secure a system perimeter and encrypt data. Instead, companies have to approach data obfuscation through a series of requirements that protect it from theft while allowing the company to utilize it for regular commercial purposes. 

Here, we’ll discuss Primary Account Numbers (PAN) and how you must protect them under PCI DSS.

 

Read More