February 11, 2009 10:27 PM
Posted by: Charles Denyer
12 pci requirements,
Linux,
payment card industry data security standards (PCI DSS),
pci audit trails,
pci dss logging,
PCI Requirement 10: Regularly Monitor and Test Networks,
qualified security assessor (QSA),
unix,
windowsPayment Card Industry (PCI) Data Security Standards (DSS) compliance is often not a black and white assessment. Sure the PCI council gives you the complete assessment document, which fully explains each of the twelve (12) requirements and what is needed for validating each of these respective...
February 9, 2009 2:04 AM
Posted by: Charles Denyer
payment card industry data security standards (PCI DSS),
PCI Compliance strategic plan.,
pci merchant,
PCI self assessment questionnaires (SAQ),
qualified security assessor (QSA),
service provider,
third party processerNeed to be Payment Card Industry (PCI) compliant in 2009? Are you a Merchant, Service Provider, Third Party Processor or some other Third Party outsourcing entity involved in the process, storing, or transmitting of payment and creditcard data? If so, listen up, because you need to develop a PCI...
February 8, 2009 3:11 PM
Posted by: Charles Denyer
carhdolder data,
payment card industry data security standards (PCI DSS),
pci dss v1.2,
pci security standards,
PCI self assessment questionnaires (SAQ),
qualified security assessor (QSA)Payment Card Industry (PCI) compliance is becoming a force to reckon with, to say the least. It seems as if every possible and conceivable industry in the country is being affected by PCI compliance, either directly or indirectly. What's important to note about PCI compliance is that it primarily...
February 7, 2009 12:04 AM
Posted by: Charles Denyer
merchants pci dss,
payment card industry data security standards (PCI DSS),
qualified security assessor (QSA),
service providers payment card compliancePayment Card Industry (PCI) Data Security Standards (DSS) compliance will no doubt continue to grow in 2009 and beyond. The number of merchants, service providers, and other third party processors/third party providers needing the PCI stamp of approval will continue to grow, based on varying...
January 30, 2009 9:33 PM
Posted by: Charles Denyer
cardholder environment pci dss,
payment card industry data security standards (PCI DSS),
PCI DSS,
qsa pci dss,
qualified security assessor (QSA),
system components pci dss complianceRegarding PCI DSS compliance, i'm often asked as a PCI QSA what is the cardholder environment? In essence, people are wanting to know what is in scope and how do you determine scope. To be honest, it is not at all a clear black and white answer; so many variables come into play, the biggest being...
January 28, 2009 12:47 PM
Posted by: Charles Denyer
1.1.2 netowrk diagram,
cardholder data pci dss,
firewalls,
firewalls pci dss,
payment card industry data security standards (PCI DSS),
PCI DSS,
pci dss requirement 1.1.2,
qualified security assessor (QSA),
remote access pci dss,
routers and switches,
system components,
wireless networking pci dssPCI DSS Requirement 1.1.2 is an often overlooked area within the PCI framework for assessment. That's also a shame because it's such a critical component for helping lay the groundwork for true clarity and transparency for the assessment...
