Get latest articles directly in your inbox, stay up to date

tags

Security PCIDSS4.0 PCI Requirements OBS Global PIN QPA/PIN

What the PIN?! 3 Entities that MUST Comply with the PCI PIN Standard
By Greg Kraft on May 2, 2024

Are you an acquirer or processor that manage PIN data, a vendor that provides systems that handle PIN data, or a merchant that stores, processes, or transmits PIN data? If so, you will want...

Continue Reading
tags

Security PCIDSS4.0 PCI Requirements OBS Global encryption

Disk Level Encryption: The 3.2.1 Magic Bullet has been Left Behind
By Paul Gregoire on November 1, 2023

Prepare for a transformative shift in cardholder data security with PCI DSS v4.0. With native disk encryption no longer a shield, organizations worldwide must swiftly adapt, revisiting...

Continue Reading
tags

Security PCI RSP PCIDSS4.0 PCIDSS PCI DSS v4.0 OBS Global

Take a Pit Stop – 5 Point Inspection Questions to Consider NOW before the 4.0 Last Lap
By Sherri Collis & Steve Levinson on June 21, 2023

2023 is flying by. Before you can say March 2024, v3.2.1 of the PCI DSS will be retired. Do you know what your organization needs to do to cross the v4.0 finish line, and how much time it...

Continue Reading
tags

Security InfoSec PCIDSS4.0 Payment Card Industry Network Breach Unpatched Systems Patch

#1 Preventative Measure to Stop Network Breaches
By Daryl Jackson on February 16, 2023

Despite the significant changes introduced with PCI DSS v4.0, there are many bedrock requirements that did not change. This article serves to highlight an often neglected, but extremely...

Continue Reading
tags

Security PCI RSP PCIDSS4.0 PCIDSS PCI DSS v4.0

Three Steps to Avoiding an “In Place With Remediation” Status
By Sherri Collis & Steve Levinson on August 15, 2022

Three steps to avoiding the new "In Place with Remediation" status and using the seven P's to help -- prior proper planning prevents p*#s poor performance!

Continue Reading
tags

PCI PCIDSS4.0 PCI Assessment PCI DSS v4.0

Authenticated Vulnerability Scanning
By Jeff Man on May 2, 2022

One of the most significant changes introduced in PCI DSS v4.0 involves the documented approach for performing internal vulnerability scans. The internal vulnerability scanning requirement...

Continue Reading
tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Monitor the Monitoring
By Clark Dixon on April 21, 2022

There are two notable changes that may require a fair bit of runway to fully meet the existing requirement to monitor your critical security control systems.

Continue Reading
tags

PCIDSS4.0

There is Trouble Brewing: In Place with Remediation
By Sherri Collis & Steve Levinson on April 21, 2022

What could possibly go wrong with calling out a non-compliant status, or “In Place with Remediation,” on your Attestation of Compliance? Do you have a storm brewing you are yet aware of?

Continue Reading
tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Understanding the Changes to Appendix A1: Multi-Tenant Service Providers
By Adam Gaydosh on April 21, 2022

Are you a SaaS? Do you offer various shared services to merchants and other service providers with access to resources or services being logically controlled or partitioned to keep...

Continue Reading
tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Incident Response - Unexpected PAN Identified
By Mark Hannah on April 21, 2022

Mistakes with PAN happen! Data leaks, memory dumps, or debug logs can accidentally contain sensitive information and can leak data into unexpected places in your environment. It is now a...

Continue Reading

Submit a Comment

Get latest articles directly in your inbox, stay up to date