PCI DSS requirements say many things about network security to keep cardholder data safe and protected when it is stored, transmitted and processed. How can we achieve the…
The cardholder data breach is not a new thing. It has been a nightmare for every CIO in the world. Dancho Danchev's blog has an interesting article on how these…
Many information security professionals, even in senior-level roles, are still getting internal control mechanisms such as Dual Control and Segregation of Duties wrong. I often see that…
Patch management is one of the major IT security concerns that most organizations are worried about. It is practically not possible to have 100% of the IT infrastructure…
Security breaches have become a common thing these days. They hit the front page only when the size or importance of the breach becomes huge. The recent security breach at…
Usernames and passwords are still the major method of authenticating users to systems. It would be difficult to find someone without a username and password in the workplace.…
Businesses are increasing their dependence on cloud computing solutions. PCI DSS compliance is often a concern for many organizations when considering cloud or virtualized solutions. As mentioned in one of…
PCI DSS compliance is a very hot topic these days. With the number of card data leakage incidents, every organization that cares about its reputation wants to know how to…
In my earlier post about PCI Compliant Hosting, we discussed the PCI compliance areas to be looked into when considering a hosting service provider. In this post, I…
I always wondered about the file integrity monitoring requirement of the PCI DSS standard. What is the purpose of this requirement? Is it a control or a compensating control? Isn't…