Wait a second.
There’s a painless way to complete a PCI Report on Compliance?
You’ve got to be kidding me.
I’m not kidding you.
Ready? Keep reading!
Working with QSA's since 2011, I realized that not all QSA's are created the same. Some QSA's have been working in the PCI DSS Compliance space for a few years,…
72% of merchants fall out of PCI DSS compliance within 6 months of achieving their Report on Compliance 2020 Verizon Payment Security Report What sets merchants who have successful PCI…
For most merchants, PCI DSS Compliance is a confusing, complicated mix of requirement complexity, lack of knowledge, and an ever changing threat landscape. From small retailers to global merchants, PCI is…
Warning: Complacency With Your Vulnerability Management Program Can Hurt Your Organization By definition, a computer virus is: a malicious application or authored code used to perform destructive activity on a…
Welcome back to the our series, The Ultimate Guide On Managing PCI DSS Requirement Frequencies. This week we’re diving head first into Requirement 3, “Protect Stored Cardholder Data,” and Requirement…
We’re interrupting the Ultimate Guide to PCI DSS Requirement Frequencies to bring you an important lesson on how to decipher the requirements in the DSS. Who should read this post:…
Welcome back to the Ultimate Guide To PCI DSS Requirement Frequencies! So far we’ve covered Understanding Your Scope and Getting Control of Unruly Firewall and Router Rules. Today we’re moving…
Best Practice: Developers and system administrators request changes to firewall rule sets all the time. Whether it’s to do work on system components or test system components, these changes can make a mess out of your rule sets. It’s so easy for someone to unintentionally request an “any” rule which is prohibited in the cardholder data environment. Our best advice is to insert your ISA or someone on the compliance team into the firewall rule change review.
Does managing your PCI scope feel like you’re herding cats or trying to nail jell-o to a tree? If you don’t have a handle on your scope, achieving or maintaining PCI DSS Compliance is next to impossible.