Generate your own 4096 Bit Encryption Keypair for Security
Let say you want to raise the level of encryption when you SSH to your linux box, you may feel that 1024 bit encryption isn’t working out very well for you.
Here’s a fast and simple tool to use:
It’s called puttygen.exe can be found at:
You won’t have to worry about doing this via the command line. High security generation made easy.
Great Tool for Windows Server Active Directory Exploration
Another great tool worth reviewing is adexplorer.exe which allows in most AD environments users the ability to go and look at ADS. So this can be useful for determining if users belong to the correct OU. It runs stand alone and does not require necessarily that you are an Enterprise\Domain Admin. Also you can save some time while drilling down throw to the root cause of an issue whether it be ACLs, Perms, etc. related.
https://www.hpdit.com/sysinternals/ADExplorer.exe
At HPD Global – VIT Cloud Services we certainly have had the benefit of using this tool for Fortune 100 companies, we can attest to having this knowledge and experience to get the job done for any type of business environment. Without getting full active directory access to do a PCI Audit we were able to use this tool which allowed object attributes to be ignored in Active Directory and allow us to do User Object account audits. This was in regards to all the Administrator accounts which is something looked at when performing PCI, SOX, and IAB, MRC Audits. Is compliance a mystery to you and your Org? We can certainly help you get on track with regards to compliance, which is something not going away. Contact us today.
Are you PCI Compliant?
More and more businesses are going virtual each day and put their business to work for them 24 hours a day. With, e commerce in expansion in mind it becomes totally imperative to establish standards of security. The Payment Card Industry or PCI has established pretty clear standards for companies that wish to utilize this fast growing and highly lucrative line of business. Funded by Visa and Mastercard primarily; PCI was developed to ensure consumer confidence in purchasing goods and services over the internet. Whether you are a small or large corporation and you have an established online business, you are expected to be PCI Compliant. Failure to do so can cost your business profound costs in litigation, fees from Visa and Mastercard, and loss in potential business. It simply is not worth the risk to your business to lack in due diligent security. As a solution, HPD Global IT Consulting offers Enterprise-wide PCI Compliance SaaS solution to businesses that are small as well as large. We implement all DSS standards and provide you with a security baseline to start you off with security due diligence.
More and more these days it is becoming totally necessary to be compliant with Industry and Government standards or face paying huge fines that many businesses do not survive financially. The security threats are real and more and more we are hearing about this in the media. Security crackers have caused billions in damages, we can only estimate how much is kept away from the public eye and government by private organization who pay hush money to keep customer satisfaction up. PCI compliance really covers a lot of areas in which its possible for Card holder information to be stolen.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:
Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security
Of course each and every requirement is probed further during an audit to ensure necessary security due diligence is in place. It truly does take a lot of hard work to build a security baseline and managerial understanding, let us help lessen the headache with our secure Cloud Services. Contact us today.
