TLSv1.0 and PCI Compliance.

Pci DSS compliance states by June 2016 that TLSv1.0 must be disabled. The downside to this is any browser IE10 and prior will not work to connect to your website. Those clients will need to upgrade their browsers, use a different browser or get with their browser...

Service Suspension

Have you ever taken a sales call where you absolutely knew you could solve the prospective customer’s pain for a reasonable investment (that in the long run would actually save them money), only to have them drop their mouth to the floor and complain your...

Hacker Attack Vectors

Repeat after me, “hackers most often target vulnerabilities, not specific people or companies.” Now, say that over and over again.. and shortly you should come to the conclusion that every single device and application typically has vulnerabilities which...

Shared, VPS, Dedicated, or Cloud

One of the common questions I hear from business stewards is, “How do I know what type of hosting to get? Will shared hosting be enough?” I also hear the variations of the above that often come in the form of, “my _______ told me I needed a dedicated...

SSL Beast and RC4-SHA

While there are a growing number of technical articles on how to protect your Apache based server against the SSL Beast, I’ve yet to see an article that goes into the SSL Cipher Suite that should be used for allowing only RC4-SHA and nothing else. This past...

The importance of documentation

I would like to share with a recent, real life, story of what happens to small businesses when there is little to no documentation. I’m hoping to encourage you to review the documentation standards you have set forth for your small business; and potentially to...