Best Practice: Developers and system administrators request changes to firewall rule sets all the time. Whether it’s to do work on system components or test system components, these changes can make a mess out of your rule sets. It’s so easy for someone to unintentionally request an “any” rule which is prohibited in the cardholder data environment. Our best advice is to insert your ISA or someone on the compliance team into the firewall rule change review.
How to Manage Your PCI DSS Scope (Even If It’s Always Changing)
Does managing your PCI scope feel like you’re herding cats or trying to nail jell-o to a tree? If you don’t have a handle on your scope, achieving or maintaining PCI DSS Compliance is next to impossible.
The Ultimate Guide On How To Manage PCI DSS Requirement Frequencies
Through our Ultimate Guide On How To Manage PCI DSS Requirement Frequencies, we’ll walk you through each requirement area and show you what the specific requirement frequencies are, why they have a frequency, and we’re going to share our best practices on how to create sustainable processes so that you can maintain PCI DSS Compliance without pulling your hair out.
How Well Do You Know Your PCI Assets?
On the first day in my new role as PCI Compliance Sustainability Program Manager, my […]
Beware The Perils And Pitfalls Of The PCI DSS Requirements
When I was in training for my PCI ISA certification in 2012, I heard the […]
10 Tips to Breeze Through Your Next PCI Interview
Most people would rather have root canal without novocaine than be interviewed by a QSA […]