Supply Chain Attack Against Sites Using Polyfill[.]io CDN 7/9/2024 The Polyfill[.]io CDN associated with the open-source Polyfill.js library has been compromised and the code served by the CDN has been modified to perform malicious actions. This library should be retired and/or replaced. |
Chrome Removing Entrust Root Certificates 6/28/2024 Google will be removing multiple Entrust root certificates from the root certificate store in Chrome due to security issues at Entrust. The certificates will be removed in version 127 and higher. |
Understanding Enterprise RFP Requirements: Reliability, Uptime, and Performance SLAs 10/10/2022 The central document that outlines the reliability, uptime, and performance of the technology services is the Service Level Agreement (SLA) which lays out the service level provided as well as how the services are measured and what the remedies are should the service levels not be met. |
Understanding Enterprise RFP Requirements: Security – Access Control and Authentication 9/2/2022 Beyond basic username and password credentials, the RFP is likely to ask for one or more of several other authentication arrangements or methods, including methods that allow nuanced access and considerations that tie spend management or purchasing permissions to user authentication. |
Understanding Enterprise RFP Requirements: Security – Sensitive Data and Consumer Privacy 6/22/2022 This installment of our RFPs & Rising Technology Demands series examines sensitive data and consumer privacy, including PII, cardholder data and consumer privacy laws that are often cited in RFPs seeking digital commerce. |
Understanding Enterprise RFP Requirements: Security 6/3/2022 This installment in our RFPs and Rising Technology Demands series provides an overview of security requirements, terms, policies, procedures, standards, frameworks, and more often found in RFPs. |
HTTPS or Bust: Google Continues Squeezing Out the Unencrypted Web 3/11/2020 |
Understanding the California Consumer Privacy Act (CCPA), aka ‘GDPR-Lite’ 11/12/2019 Once it takes effect on Jan. 1, 2020, the CCPA will become the strictest consumer privacy protection law in the United States. |
The Case for Complying With GDPR 5/21/2019 It’s the rising demand for consumer protections that needs your attention, if not necessarily the GDPR itself. |
Why Do Passwords Need At Least 8 Characters? 2/26/2019 Essent Systems Integration Manager Damon Kopp recently led a company training session on passwords and provided some interesting insights along the way — including why eight characters is the standard. |
Latest Google Chrome Browser Makes HTTPS the Expectation 7/30/2018 |
A PCI Security Deadline Could Halt Your Payment Card Processing or Draw Fines 7/5/2018 June 30 was the deadline set by the Payment Card Industry (PCI) Data Security Standards (DSS) Council to retire Transport Layer Security (TLS) 1.0 encryption. |
Payment Card Tokenization: Reducing Risk and Responsibility of PCI Compliance 3/28/2018 With Tokenization, even if a credit card thief wanted to get into your system, and did get into your system, there would be nothing to take but the worthless tokens. |
FAQ: PCI Mandate to Retire TLS 1.0, SSL 9/4/2017 The Payment Card Industry (PCI) Security Standards Council is strengthening its encryption standards to discontinue use of Transport Layer Security (TLS) 1.0 and Secure Socket Layers (SSL) in secure credit card transactions. |
Essent and its Products and Services Unaffected by WannaCry Ransomeware 5/15/2017 A critical and widespread ransomware attack known as Wanna Cry is affecting Microsoft Windows operating systems. |