We are going to highlight the crucial Requirement 8: Identify and Authenticate Access to System Components. Requirement 8 was overlooked by some companies who experienced these large security breaches. Had this requirement been implemented and monitored it may have prevented these breaches from happening to begin with. […]
Selecting a proper Service Provider to partner with in offering online transactions is a very important step for any organization. Before getting into the details of how to select a service provider, it is important to understand what a service provider truly is and what they do. […]
Goodwill, a nationwide chain that sells donated apparel and other household items has reportedly been involved in a series of credit card breaches. Investigators are currently looking into the potential theft; however, nothing has been confirmed. Appropriate action will be taken if it is discovered there was in fact a data breach. Suspicion began to […]
Documentation is an incredibly valuable and often times required step for ensuring compliance with the PCI DSS. At times documenting processes or procedures can be time consuming, luckily documenting user privileges for systems that touch your card data environment is a fairly simple process. […]
Ensuring that you develop and maintain secure systems and applications is critical to ensuring the security of cardholder data when transactions flow through your processing methods. It is also very important to remember that this requirement applies to ALL systems and applications within your card data environment…
We are moving into the third area of focus in the Data Security Standards, “Maintain a Vulnerability Management Program.” There are two requirements that must be met in order to successfully Maintain a Vulnerability Management Program, and this post aims to help you understand how to meet these requirements. […]
April 8th has come and gone and Windows XP is now officially retired. Microsoft is no longer supporting Windows XP and that means they will no longer patch bugs and security flaws in the software, making the utilization of Windows XP on your machines a major security threat. […]
Welcome back to another installment of our series on the PCI Data Security Standards: “Encrypt transmission of cardholder data and sensitive information across open public networks.” This month we will take a look at the fourth requirement your organization needs to follow in order to meet the PCI DSS. […]
This month we move into a new area of focus for the PCI Data Security Standards, Protect Cardholder Data. This area of focus is comprised of two specific requirements from the card brands, and they are crucial to making sure that your cardholders’ data is secure. […]
Passwords have become part of everyday life in the Internet. You need passwords for banking, email access, e-commerce, social media, and most websites where your private data may be stored or tracked. So how do you make sure you have set up your accounts with secure passwords that you […]