Trustwave's SpiderLabs team has been hard at work. You may have seen their recent updates on the additions to the TrustKeeper scan engine. (Read their blog post here.)
This technical update probably makes a lot of sense to our medium and large enterprise customers. But what does this mean for our small business customers, who may not be as technically savvy?
First, let's review the importance of a scan. An external vulnerability scan looks at your business' external facing IP addresses from the Internet. Much like checking for unlocked doors and windows, a scan ensures that your network is locked down, and that any open ports are secured.
Second, why should you scan your system regularly? Any business accepting credit cards is required to certify their PCI Compliance, and external vulnerability scanning is one of the requirements of self-assessment.
Lastly, why does this update matter? These additions address the latest security threats in the most common systems - those systems that the majority of businesses are using today. If you're already scanning with us today, these additions are automatically added to your ongoing TrustKeeper scans. It also means you may fail a scan if you're not patching or updating your system.
So while failing a scan is not good, scanning is great - it's a constant, automated way to monitor your system and easily identify what you need to do to secure your system. For small business, this is the leg up they need on network threats and nefarious third parties. Make sure your business is protected - and that your customers' cardholder data is protected.