The Green Sheet Online Edition
August 24, 2015 • Issue 15:08:02
Free online security learning center
SecurityMetrics, established in 2000 and based in Orem, Utah, provides data security and compliance services to e-commerce companies, global acquirers and retail businesses. Recently, the company created The SecurityMetrics Learning Center, an online aggregated compilation of information, training and guidance on security and compliance-related matters.
SecurityMetrics said it teamed with thought leaders and security analysts who were committed to educating the public on security compliance and best practices to protect merchants, healthcare providers and consumers from cyber crime. The website is free to the public and accepts no advertising. Designed to be an integral part of the merchant experience, it provides advice, assistance and software tools designed to help business owners secure sensitive data and comply with payments and healthcare industry mandates.
Topics include trends in risk management and security vulnerability alerts. "A majority of content experts are genuinely trying to get the word out by helping to educate merchants about security," said Jon Clark, SecurityMetrics Director of Marketing. "Our website content and resources can be used by business owners as well as Level 4 PCI program managers who work directly with merchants on a range of security-related issues, answering questions surrounding PCI compliance."
Three key areas of expertise
The SecurityMetrics Learning Center contains articles, blog posts, videos, webinars, infographics, ebooks and white papers. It is organized into three key areas of specialization:
- Payment Card Industry (PCI) Compliance: Payment Card Industry Data Security Standard (PCI DSS) compliance is designed to protect business owners and consumers from payment card theft and fraud. Achieving PCI compliance may involve internal and external vulnerability scanning, penetration testing, card data discovery, breach protection, mobile device security, enhanced security policies and training.
The PCI section of the SecurityMetrics Learning Center provides insights on how to reduce PCI scope, respond to PCI Self Assessment Questionnaires and achieve accurate and meaningful PCI compliance. An array of videos, webinars, ebooks and infographics address these topics.
- Health Insurance Portability and Accountability Act (HIPAA) Compliance: Many healthcare providers are aware of Healthcare Insurance Portability and Accountability guidelines but face numerous obstacles to achieving compliance. HIPAA has 157 requirements, and most are not written in clear language.
"Most HIPAA audit services focus too much on privacy and neglect essential data security," said Tod Ferran, Security Analyst at SecurityMetrics. The HIPAA portion of the center offers a holistic approach to achieving HIPAA compliance within a comprehensive security framework. The site includes educational webinars and compliance software designed to demystify HIPAA regulations and implementation.
- Data Security: Data security continually evolves in response to the complex and ever-changing threat landscape. Blog posts within the learning center answer common questions about data security, PCI DSS compliance and network security. The site offers videos and webinars focused on how to achieve and maintain security compliance.
Posts by security experts explore the limitations of anti-virus programs, inherent vulnerabilities of Europay, MasterCard and Visa technology and how to protect against malware. An infographic shows how working from home makes workers more hackable by creating multiple points of entry for cyber criminals to access corporate networks.
A continually evolving learning experience
In addition to educating organizations about the threat landscape, SecurityMetrics plans to integrate more search functionality into the learning center site to make it easier for users to find specific topics and customize research options according to their specific areas of interest.
The company stated its online center is a multifaceted educational platform that is frequently updated to stay apace with data security trends, including newly identified threats, regulatory changes and fresh content from leading security analysts.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.