Emerald Business Systems Blog


Posted in Uncategorized by ebs4pos on March 8, 2010

Critical Log Review Checklist for Security Incidents

This cheat sheet presents a checklist for reviewing critical logs when responding to a security incident. It can also be used for routine log review. It was authored by Anton Chuvakin and Lenny Zeltser.

via .

http://www.securitywarriorconsulting.com/security-incident-log-review-checklist.html

Advertisements

Scoble, Secretariat and Mister Ed | Business is Personal

Posted in General Business,Online Business,Restaurant,Social Media Marketing by ebs4pos on March 7, 2010

A while back, Robert Scoble wrote a terrific post on Scobleizer about the worst things that startups do.I suggest you hop over there and check it out even if you aren’t in the technology business. When you’re done, come back so we can apply Robert’s comments to your not-a-startup small business. Psst…While you’re over there, I suggest you subscribe to his blog, even if you aren’t in the tech world. You’ll be glad you did.Now that you’re back, let’s look a little closer at Robert’s list because it isnt just startups that make these mistakes. Here’s a small business angle on his list of mistakes:

via Scoble, Secretariat and Mister Ed | Business is Personal.

Social Media Posting problems

Used to be, workplace gossip and tales of weekend carousing were shared at the water cooler, in the break room or over beers after work.

Now, through the miracle of the Internet, such news can be posted on sites such as Twitter, MySpace and Facebook and shared instantly with friends, virtual and otherwise, along with the rest of the world.

This brave new world is raising a host of concerns for employers, who want to tap into the power of social media to connect with customers and clients, but who can’t always control how it is used and what is said.

The lines between personal and professional are easily blurred with social media, prompting some organizations to adopt policies providing guidance on how and when employees post status updates or tweet their friends— or in some cases, banning social media sites outright in the workplace.

via Business: Home | “Posting problems” | The Register-Guard | Eugene, Oregon.

Create a policy for social media

Question: I am concerned about potential problems for my business from use by my employees of social media such as Facebook and My-Space. What should I do?

Answer: The key step for a business is to avoid leaving a vacuum. Adopt a social media policy, tell employees what it is and enforce it fairly and uniformly. The policy must cover two aspects of social media: potentially damaging personal use and the business uses of social media.On the personal use side, you want to address five core concerns: 1 personal responsibility, 2 possible confusion of personal comments with company positions, 3 compliance with other company policies, 4 protection of the company, its employees and customers and 5 interference with job performance.

via Business: Home | “Create a policy for social media” | The Register-Guard | Eugene, Oregon.

Profit Margins – Project Management Awareness Needed | MyProjectTracker – The Blog

Posted in General Business,POS by ebs4pos on March 6, 2010

“A profit margin on my project? – sure I got paid, isn’t that all that matters.” — End quote.

I’ve heard this four times in as many days and it is the theme tune of many small and not-so-small enterprises who are grateful for having cash flow. Big, big mistake. I call it Profit Margin Shame (PMS – what did you think I was talking about?)

When people (outside of big business) are asked about profit margins the reaction can be one of embarassment on the part of the business person. It is considered to be politically incorrect to even recognise the possibility that your company is making a profit and by inference a margin on every sale that you make.

Why is this? Margins are key to every businesses survival . Margins enable your business to grow and to continue to give your customers the quality of service that you aspire to deliver.

I would much rather know that a business I was dealing with was doing well as it instills a confidence on two fronts;

* the rather obvious “well at least they are going to stay in business while they are doing my job”

* but also the rather less obvious ” they are making money so therefore they have provided good service to their previous customer”.

Many believe that if a customer is aware of the fact that they make money/profit, that the customer will squeeze them on their delivery costs.

Really? Will they do that too much? Sure – they will haggle because that’s what is expected, but most customers are happy with value and will not contest a bill if they believe that they are getting this.

The trick for margins is to make sure that you deliver value and this is factored into your price.

How many times have you “covered your costs” to win the business (including your own time)?

More importantly, how many times have you not actually figured out how much it is going to cost you to do a job and just gone with the flow – this absence of margin calculation is a common theme amongst small enterprises in particular.

If you had considered a margin, how would your business have improved? How would your customer have benefited? What new concepts could you have researched and developed….? Oh, and how will you stay in business?

Margins – you need them!

via Profit Margins – Project Management Awareness Needed | MyProjectTracker – The Blog.

10 Things You Can Do to Make Your Online Business Money | Small Business Trends

How’s the first quarter of 2010 — and the rest of the year — looking for you and your business?

Are you primed and ready to make money this year?

Have you put a plan in place to promote your business and maximize your success?

Here are ten quick, easy-to-implement things you can do that will guarantee your online business will be making you money this year:

Write down your personal affirmation for the month and the year.

The goal here is to help you step back from the hustle and bustle and stay focused on what’s important to you.

Get your story, idea, product, or service announcement out into the marketplace seven different ways, all at once.

Choose from these options to make a powerful impact:

via 10 Things You Can Do to Make Your Online Business Money | Small Business Trends.

A ‘Breach’ in Customer Loyalty

Posted in PCI,Restaurant by ebs4pos on March 6, 2010

Compliance with the Payment Card Industry Data Security Standards PCI DSS continues to be a hot topic in hospitality circles, and for technology writers. In fact, large volumes have been written on the topic, with countless articles offering best practices and reporting on non-compliance penalties, such as increasing fees and commissions. It’s been reported, also, that the hospitality industry continues to struggle with compliance. The American Hotel and Lodging Association’s PCI Primer1 reports that upwards of 55% of credit card fraud comes from the hospitality industry, and the smallest merchants Level 4 account for more than 85% of compromises, with a noticeable increase in risks coming from franchisees.There is one area, however, that remains difficult to measure: consumer confidence. What is the tangible impact to customer confidence and company reputations when a security breach occurs? The University of Delaware is conducting a study, with the assistance of graduate student Ekaterina Berezina, on the impact of poor security on consumer confidence. Specifically, the study seeks to understand the impact of a credit card breaches on service quality, guest satisfaction, future revisit intention and the likelihood of recommending the brand/hotel to others word-of-mouth intention.

via A ‘Breach’ in Customer Loyalty | In This Issue | Hospitality Technology: Technology Resource for Restaurant/Lodging Executives.

Hitler and Cloud Computing Security

Posted in Uncategorized by ebs4pos on March 4, 2010
Tags:

Why 41 Percent of You Would Fail a PCI Audit – CSO Online – Security and Risk

Posted in PCI,POS,Retail by ebs4pos on March 1, 2010

Security vendors are launching a gazillion products this week at RSA Conference 2010, but hidden in all of those press releases are a few nuggets that illustrate the big picture trends. Here are a few of the more interesting items found in the press room this morning:

QSAs: 41 Percent of Companies Would Fail PCI audit

New research from The Ponemon Institute suggests nearly half of the companies out there would bomb a PCI security audit.

The report says that while only two percent of businesses outright fail compliance audits, 41 percent would fail if unable to rely on temporary compensating controls to meet Payment Card Industry Data Security Standard (PCI DSS) requirements. These alternative routes to compliance must meet QSA approval, but they may be just temporary fixes or be eliminated by future changes to PCI DSS. Their prevalence appears to indicate businesses are still coming up to the speed with the security standard introduced in 2006.

via RSA 2010: Why 41 Percent of You Would Fail a PCI Audit – CSO Online – Security and Risk.

Average Annual Cost of PCI Compliance Audit? $225k – CSO Online – Security and Risk

Posted in PCI,POS,Retail by ebs4pos on March 1, 2010

Merchants that undergo network audits to ensure compliance with the Payment Card Industry Data Security Standards are paying an average of $225,000 each year — and 10% of these business are paying $500,000 or more annually, according to a new study. In spite of that, 2% of them fail these audits.Credit card data security: Who’s responsible?The study, conducted by The Ponemon Institute under sponsorship of Thales, surveyed 155 qualified security assessors QSA worldwide who are authorized by the PCI Security Standards Council to conduct these annual technical reviews of the largest merchants’ networks. The QSAs were asked to share information about how much their customers are spending on annual PCI audits, which are required by banks and card associations, such as Visa or MasterCard, to be allowed to process payment cards.With $225,000 to $500,000 spent annually on a PCI audit, “that’s a large chunk of change to be doing each and every year,” says Dr. Larry Ponemon, the Institute’s founder. That cost doesn’t include the technology changes and the operating and staff costs associated with the audit, according to the survey. Ponemon notes that sometimes the annual PCI audit “leads to a better security posture, but not always.”

via Average Annual Cost of PCI Compliance Audit? $225k – CSO Online – Security and Risk.

« Previous PageNext Page »