PCI Compliance Archives

PCI Council Releases New Guidance for Virtualization

The PCI Security Standards Council recently released new supplemental guidance (PDF) regarding PCI compliance considerations for the use of virtualization technologies. (more…)

Free Intro to PCI Training Available

In case you weren’t able to attend today’s webinar, Introduction to the Payment Card Industry Data Security Standard, we’ve posted a recording of the entire session on Halock’s YouTube channel.

The full 6-part series is embedded below for your convenience. (more…)

National Vulnerability Database (NVD) National Checklist Program Repository

National Vulnerability Database (NVD) National Checklist Program Repository. While working with our clients to establish appropriate system hardening standards for PCI compliance, we are often asked to provide resources and guidance that can be referenced as additional system and operating system types are deployed. The following NIST resource can be most helpful in this regard. (more…)

PCI DSS Quick Reference Guide v2.0 Released

The PCI Security Standards Council has released the new PCI DSS Quick Reference Guide, updated for the new version 2.0 of the Payment Card Industry Data Security Standard (PCI DSS). (more…)

Visa to Launch Mobile Wallet in U.S. this Fall

Visa has announced plans to launch a mobile wallet using NFC (“Near Field Communications”) to facilitate mobile payments. See the detailed announcement from Computerworld here: (more…)

PCI Contract Language for Service Providers

One of the topics our team of QSA’s gets asked frequently is about what kind of language should be in PCI Service Provider contracts to meet the intent of PCI DSS requirement 12.8.2, which is as follows: (more…)

Study finds that PCI compliant companies suffer far fewer data breaches

Many of us in IT Security support the best practices outlined in the PCI DSS, but still have a hard time obtaining the executive-level sponsorship needed for a really successful PCI compliance program… A recent study by Imperva and the Ponemon Institute produced some results that may help you make (more…)

Microsoft Security Guides and Compliance Resources

Microsoft Security Guides and Compliance Resources. For those of you managing security across Windows-based systems or doing development within a Windows environment, Microsoft has some valuable tools and resources available to help with security and compliance. (more…)

New PCI Guidance Issued for Call Centers

The PCI Council has published new guidance for Call Centers handling credit cards via telephone, especially when VoIP is used, and also addresses issues surrounding the storage of recorded calls. (more…)

PCI’s Impact on Security – Quantified

A recent study by Imperva provides some interesting insights into the impact PCI Compliance is having in terms of the likelihood of a security breach. (more…)

Previous 101112 Next