May 4, 2012
For those that aren’t keeping track, June 30, 2012 is a day to mark on your calendar. Not because of any special anniversaries or birthdays (although if yours does fall on that day then Congratulations!). June 30 is the day that we can add one more validation point to our compliance lists from the PCI Data Security Standard.
December 30, 2010
One typical question NetSPI receives from IT managers is "What does PA-DSS entail?" Hopefully, this will give you some answers.
November 17, 2010
Level 4 merchants have several "facts of life" that should be kept in mind when making recommendations for complying with the PCI DSS
November 10, 2010
In September Visa released a document, Tips and Tools for Small Merchant Businesses - 2010. The title implies that this information will be useful for Level 4 merchants; however, I believe this guidance still falls way short.
October 18, 2010
Surprisingly, I have found that many organizations struggle with data retention - not just managing and archiving credit card data but even defining appropriate data retention policies. There seems to be a lot of misinformation or at least misunderstanding out there so hopefully this will help clear things up a bit.
September 9, 2010
We were asked by a customer about performing code review based on the PCI requirements. The questions they asked were...
July 26, 2010
In the realm of PCI, the network of independent agents might not be so independent after all.
June 14, 2010
I like to watch industries evolve in how they deal with information security. It was interesting to watch retail evolve as PCI got more organized. The PCI Council put together the DSS with dates and penalties for breaches and non-compliance, …
May 20, 2010
As an information security professional, my experience within the payment card security industry has taught me that credit card fraud is not just an information security or information technology issue, but increasingly also a financial one. In order to process …