Blog

The Two Core Phases of Penetration Testing and PCI Compliance Pitfalls
When it comes to pen testing, it can always be roughly broken down into two core phases: scanning and exploiting. Simply put: know what

New at Complior: Amazon Web Services
What if you could pick-and-choose IT tools, infrastructure and cloud services right when your business needs them, implement with ease and pay for how much

Sustainable PCI DSS Compliance
Reaching the milestone of PCI DSS compliance is a big thing – a great achievement (and relief) for both company and the security team –

GDPR and US Privacy Shield 0.1.
GDPR – Since July 2020 the U.S. Privacy Shield has been declared invalid and can no longer be used. The U.S. Privacy Shield has been

How PCI QSAs Contribute to Safer Cloud Services
Being hacked and having sensitive data exposed is many organisations’ worst nightmare. At the same time, today’s society demands constant data access. Can we have

The Importance of Documentation in PCI DSS
It is impressive to be technically sound and to have state-of-the-art equipment to protect your network and valuable data. But even the most expensive equipment

Why PCI DSS is important for the hospitality industry
According to the last DBIR (Data Breach Investigations Report) conducted by the Verizon Risk Team, the hospitality industry ranked among the most attacked industries. It

Frequently asked questions about GDPR
In my work as Compliance Manager and GDPR Consultant, I receive daily questions about GDPR. In this blog post I have gathered some of the

Guide to password security – how to protect your employees
According to the National Cyber Security Center in the UK, British people have an average of 22 passwords. If you take that number as an

A quick guide to GDPR documentation
In GDPR there is a principle of accountability, which means that you should be able to demonstrate compliance with the regulation. One way of doing

Pseudonymization and anonymization of personal data
One thing that is heavily emphasised in GDPR is the importance of Privacy by Design. Mechanisms to protect personal integrity should be built into IT

Mirror, Mirror on the wall: who’s in PCI DSS scope of them all?
Many times, during a PCI DSS assessment, entities are inclined to consider everything that is not Cardholder Data Environment as out of scope. CDE Connected