pci dss
Tag details
Welcome to the 'pci dss' tag page at Technorati. This page features content from the farthest reaches of the Blogosphere that authors have "tagged" with 'pci dss'.
Latest blogosphere posts tagged “pci dss”
British Security Defense Manual Leaked…
Payment Card Security & IT Controls Explained —
Authority: 100
The British government had their Defence Manual of Security (2001) leaked to the internet on October 4, 2009. The press and WikiLeaks provide a great breakdown of the information within it, and it is fairly accessible to those interested. What strikes me as interesting is not that it is in the public space now, ...
2 days ago
Hackers steal credit-card numbers from restaurant customers
DISC Infosec blog —
Authority: 410
Here we have another unnecessary credit card data breach in a small organization which resulted in a loss of customers' data demonstrating poor baseline security of small...
2 days ago
SAS 70 Audits and PCI DSS Assessments | Expert Advice from an Auditor
Regulatory Compliance, Governance and Security —
Authority: 116
SAS 70 audits and PCI DSS assessments are truly starting to dominate the regulatory compliance landscape. For a large number of our firm’s clients, we actively assess them for yearly SAS 70 and PCI DSS compliance. The chatter of late is surrounding what efficiencies of scale, if any, can be had by conducting both ...
1 week ago
Radiant Systems and VAR being sued for Data Compromises
Society of Payment Security Professionals - Payment Security Blog —
Authority: 100
A recent press release announced that Radiant Systems and a reseller of their products called Computer World are being sued in a class action suit for “millions of dollars” for issues that resulted in hundreds of instances of identity theft. This is a very interesting wrinkle in the PCI DSS space. Those of us ...
1 week ago
PCI Qualified Security Assessor | How to Choose a QSA
Regulatory Compliance, Governance and Security —
Authority: 116
Need a PCI Qualified Security Assessor? Curious as to how to choose a QSA? First and foremost, make sure the QSA has ample experience in performing on-site PCI DSS Level 1 assessments for merchants and service providers. Additionally, make sure the QSA has ample knowledge of policies and procedures, or can at ...
1 week ago
12 PCI Requirements | What you Need to Know for PCI DSS
Regulatory Compliance, Governance and Security —
Authority: 116
The 12 PCI requirements are essentially the areas that merchants and service providers will need to be compliant with regarding the Payment Card Industry Data Security Standards (PCI DSS) provisions. What’s important to note is that each and every requirement has very explicit “requirements” for what truly ...
1 week ago
“After Data Loss ID Theft Soars”….really?
Society of Payment Security Professionals - Payment Security Blog —
Authority: 100
I have worked in payment card security since 2000 when I was involved with Visa in writing/re-writing/updating the CISP. Since that time I have had opportunity to work with Visa and MasterCard, work as a QSA, and QSA Trainer. During that time I have had many opportunities to work with compromised companies and ...
1 week ago
PCI DSS and Service Providers | Common Examples of these Entities
Regulatory Compliance, Governance and Security —
Authority: 116
The Payment Card Industry Data Security Standards (PCI DSS) provisions call for both merchants and service providers to become PCI DSS compliant. Though the term “merchant” is easily understood, the term “service provider” has created some confusion as to who these entities really are. With that said, here ...
2 weeks ago
PCI DSS Compliance and the Major Payment Brands | What you may NOT Know
Regulatory Compliance, Governance and Security —
Authority: 116
Merchants and service providers seeking to become Payment Card Industry Data Security Standards (PCI DSS) compliant may not actually know that the five (5) major payment brands also have their own security risk management and compliance programs. However, rest assured that, by and large, these security risk ...
2 weeks ago
PCI DSS Readiness Assessments | Hire a Qualified Security Assessor (QSA)
Regulatory Compliance, Governance and Security —
Authority: 116
PCI DSS compliance can be an arduous undertaking for many service providers and merchants in today’s business arena. Add to that the fact that many organizations are unsure of the roadmap for PCI DSS compliance, it makes sense to hire a Qualified Security Assessor (QSA) in helping you conduct a PCI DSS Readiness ...
2 weeks ago
DLP is Short for Disturbing Lack of Process?
Information Security Resources —
Authority: 516
By Danny Lieberman, Security Expert and Founder of Software Associates
Ted Ritter has suggested that we rename DLP a Disturbing Lack of Process … Indeed DLP is not a well-defined term – since so many vendors (Kaspersky anti-virus, McAfee anti-virus, Symantec anti-virus, Trend Micro Provilla, CA ...
2 weeks ago
End-to-end encryption is the key to protecting data and reputations
PopHomeTech —
Authority: 147
In order to avoid the financial and brand damage associated with data breaches, businesses need to consider deploying end-to-end encryption as a tamper-proof way of securing data. Commentary - Media outlets around the globe highlight new data breaches at an alarmingly regular rate. Forrester estimates that the cost...
3 weeks ago
PCI DSS Roadmap to Compliance | Phase I
Regulatory Compliance, Governance and Security —
Authority: 116
Merchants and service providers seeking to become Payment Card Industry Data Security Standards (PCI DSS) compliant will need to embark on a structured “PCI DSS Roadmap to Compliance” for ensuring a seamless and transparent process. So what does this really mean and entail? It essentially requires all ...
3 weeks ago
A 12 STEP PROGRAM TO SECURING YOUR SMALL-TO-MEDIUM SIZE BUSINESS: STEP 4
Wael Isa —
Authority: 150
This is the fourth in a series of twelve articles for the non-technical managers at small to medium sized companies who operate smaller networks and may lack a sophisticated in-house information technology department. Cost: Moderate – Software is free but effective tuning takes time. Technology skill level: ...
3 weeks ago
Common Areas for PCI Violation
Memmis.com News Agency —
Authority: 169
With so many threats coming from around the world targeting a company's data, which includes their customers' data, the business industry created PCI compliance standards to protect sensitive information. PCI Compliance is a global mandated set of standards that businesses must implement and follow in order to protect ...
3 weeks ago
Amazon Cloud Attacked – Lessons Learned
Payment Card Security & IT Controls Explained —
Authority: 100
As mentioned in prior posts, Cloud security and addressing the risks that exist (the new risks and the new tools to address these risks) is fundamental to ensuring a successful and beneficial use of the Cloud provider environments. The RSA London conference held several strong documents highly to help approach the ...
3 weeks ago
PCI Compliance Does Not Equal Security
Information Security Resources —
Authority: 516
By Danny Lieberman, Security Expert and Founder of Software Associates
I recently saw a post from a blog on a corporate web site from a company called Cloud compliance, entitled Compliance is the New Security Standard. Cloud Compliance provides a SaaS-based identity and Access Assessment (IdAA) solution ...
5 weeks ago
Only 3 Seats Left for Dallas CPISM/A!
Society of Payment Security Professionals - Payment Security Blog —
Authority: 100
The Dallas CPISM/A training and certification course has filled up quickly and we only have 3 seats left. If you are interested in attending the November 10-13th event, sign up soon. After reviewing the registrants, this should be a very interactive course with some great comments and input from the participants and ...
5 weeks ago
Another End to End / Tokenization Entrant
Society of Payment Security Professionals - Payment Security Blog —
Authority: 100
Everyone who has read my blogs over the past few years or spoken to me about PCI DSS knows my feelings on end-to-end encryption and data replacement technologies. I am a huge proponent and feel that these technologies will help secure our industry and provide significant benefits in reduction of PCI DSS ...
5 weeks ago
Abstract About PCI Regulation Discussion
Computer Training Blog —
Authority: 128
PCI DSS is Payment Card Industry Data Security Standard, a collaborative effort to achieve a common set of security standards for use by entities that process, store, or transport payment card data. This is adequate for: all merchants like “store, process, or transmit cardholder data” and all payment channels ...
5 weeks ago

