PCI Data Security Standard version 1.2 now active.
As of October 1, 2008 the PCI Data Security Standard version 1.2 became active. There are a number of changes to PCI DSS since version 1.1. Version 1.2 removes much of the ambiguity from earlier...
PCI Compliance and Receiving Credit Card Payments by Fax
The low cost of web and email based fax delivery services may seem like a good way to save your business money but not if you receive credit card payments by fax. This would fall under the Payment Card...
Batteries.com Credit Card Data Stolen
Yet another data breach involving theft of credit card data has been announced. On March 13th, Batteries.com received notice from a customer about potential unauthorized activity on their credit card....
Understanding PCI Levels and Types
Any merchant who accepts credit cards and has a merchant account must validate compliance. It does not matter if you use a 3rd party processor or if you outsource all of your credit card processing....
Amazon confirms EC2/S3 does not meet PCI guidelines
If your business requires PCI compliant hosting services because you store, transmit or process cardholder data, hosting in the cloud may not be for you. Most cloud providers do not have the controls...
PCI Compliant Hosting – Are you sure your host knows what PCI is and what...
I recently had a discussion with a potential customer on why they should work with ZZ Servers instead of one of the now hundreds of other hosting providers offering PCI “compliant” hosting services....
Anti Virus and PCI Compliance
Last year PCI DSS 1.2 was released changing the intent of the controls required for anti-virus software. In version 1.1 anti-virus software was only required for systems commonly affected by viruses...
PCI Data Security Standards Rock Video
This short animated video provides an overview of the PCI Data Security Standard in a more entertaining way.
Server cabinet door alarm
The first step in securing servers is to ensure that they are physically as secure as possible and then monitored for unauthorized access. Many times when setting up servers in a small office or...
PCI DSS and SSL v 3
With widespread and disastrous SSL/TLS vulnerabilities taking place such as POODLE and FREAK, SSL and early TLS versions are no longer considered strong cryptography and any web site that still uses...