April 11, 2013
A question came up about a PCI audit that was performed for one of our customers. They just finished their PCI audit and passed. I am now working with them on a new software application and there is a vulnerability …
In this, the second installment in a series discussing common PCI compliance challenges, I address non-compliant payment applications. Such applications are nearly ubiquitous in the cardholder data environments of smaller merchants (and even some of the larger ones). However, merchants …
Here we continue our discussion of “what happens when a Merchant outsources their e-commerce environment.” In Part I, we touched on the types of e-commerce operators, including those that are purely e-tailers and those that are mixed brick-and-mortar and online …
Many brick-and-mortar merchants maintain some type of e-commerce environment. For those of you experienced in management of PCI, this has obvious implications: assessment of infrastructure, firewalls, web servers, server administration, access controls, cardholder data encryption, storage, retention and transmission, database …
. . .leading retailers began to use the requirements of PCI (for example) to re-invigorate broader security initiatives and to use any technical or policy adjustments as opportunities to simplify their security scope and implement better overall security policy.
Copyright ©2012 NetSPI Inc. All rights reserved