Security Scanned Seal

...now browsing by tag

 
Approved Scanning Vendor Become PCI Compliant Data Security Standard Hacked Hackers Increase Your Rate of Conversion Outside Attacks Payment Card Industry PCI Compliance PCI Compliant PCI scanning Return on Investment security scan Security Scanned Seal Security Standards Council Trust Guard Trust Seals verification seals Video Security Seal Vulnerability Scanning Website Security
 

PCI Compliance – The Difference Between Vulnerability Scanning and Penetration Tests

Monday, December 28th, 2009

I have found that there are several website owners and hosting companies that are either misinformed or a little confused about the differences between a vulnerability scan and a penetration test.

There are, nonetheless, a major difference between the two. To quote from the book Achieving PCI Compliance page 245,

“A vulnerability scan is a simple test that looks for and reports on any vulnerabilities found within your network infrastructure. That is the extent of a vulnerability scan: Identification and reporting. [The PCI Compliant Security Scan reports describe any vulnerabilities a website might have, and also delineates the solution]

A penetration test is often times conducted after the vulnerability scan. A penetration test attempts to exploit one or more of the vulnerabilities identified during the vulnerability scan. A penetration test attempts to verify if an identified vulnerability is actually susceptible to being exploited.”

Vulnerability scanning must be run against the internal and external networks on a quarterly basis, and after any significant changes in the network like installations, changes in network topology, firewall rule modifications, product upgrades, etc. If you run the vulnerability scan and there are no security issues, a penetration test is not necessary.

Trust Guard, the leader in website security, uses a PCI compliant Approved Scanning Vendor (ASV) and offers vulnerability scanning on a quarterly and daily basis. They also provide the PCI compliant scan reports and security verification seals to show online visitors that the website has been scanned. When online consumers see that our sites are safe from hackers, they feel confident and our conversion rates increase – sometimes significantly.

If you have any questions about Trust Guard’s Security scans and/or trust seals, please call toll free 877-848-2731 – Ask for Aaron.

Posted in PCI Compliance | No Responses »
Tags: , , , , , , , , , , , ,

Secure Your Site & Increase Sales With Trust Seals

Monday, December 28th, 2009

There are many trust seals on the market today. That’s because online consumers have never been so cautious about shopping online as they are now.

It makes sense to display Security Verification Seals, Privacy Verification Seals, and Business Verification Seals – because shoppers are concerned about all three areas of website identity. One company, Trust Guard, provides all three seals – plus an industry exclusive Video Security Seal.

It makes sense for us as website owners to remove all the fear, doubt, and suspicion that accompanies making a buying decision online. When there is no hesitation to do what we want our online visitors to do, our conversion rates will increase.

Online consumers worry about the security of our websites.  They ask: Is this website safe? Will I get a virus? Do they scan daily for vulnerabilities so that hackers won’t get in and steal my personal information?

They worry about the privacy of the our websites.  They ask: If I give them my email address, will I wake up tomorrow with 50 emails from companies I’ve never heard of?

They worry about our integrity as business owners. They ask: Is this a trustworthy business? If there is an issue with my purchase, will I be able to contact someone?

There are several ways that trust seals give consumers the peace of mind they need to trust us as website owners. They can see on the seals the date of the last time that our websites were verified.  Also included on the trust seals are the names of our websites – customized exclusively for each particular company.

They can click on the seals and view the certificates that the trust seal company provides that show when our websites have been verified. The certificates will also show that the websites have passed the daily vulnerability scans – which everyone knows is the first line of defense in keeping our websites safe from hackers and outside attacks.

Online consumers can also view our phone, email, and physical address on the certificates, so that they know that they will be able to get a hold of us should the need arise. The trust seal company also provides their information, so that if for some reason we as website owners do not resolve a disagreement with a customer in a timely fashion, they can help.

It’s really pretty simple. When we as website owners increase the amount of traffic that trusts us, more people will do what we want them to do. One of the most productive ways to achieve high levels of trust with online consumers is to display Trust Guard trust seals on our websites.

Posted in Return on Investment | No Responses »
Tags: , , , , , , , ,