Blog Information Security

Category: PCI ComplianceX

• The Anatomy of a Phish 10/11/2017  |  By: Derek Rush, Manager

  Phishing attacks are cybercrimes conducted through email, telephone, or text messages, typically performed by a cyber-criminal posing as an institution or a trusted person to…
  read more >

  Posted in: Compliance and Audit, PCI Compliance
• 3 Types of Tasks You Should Document for PCI DSS Compliance 09/12/2017  |  By: Brian Willis, Senior Manager, Information Security

  PCI Documentation can seem like a long, painstaking process for many merchants and service providers. Many that I work with describe it as "staring at a mountain of policy…
  read more >

  Posted in: PCI Compliance

  Tagged with: PCI Compliance
• 7 Keys to Comprehensive PCI DSS Documentation 08/15/2017  |  By: Brian Willis, Senior Manager, Information Security

  When it comes to the PCI Data Security Standards, ensuring your policies, standards, and procedures are captured in a formal document is critical. For many PCI requirements (or…
  read more >

  Posted in: PCI Compliance

  Tagged with: PCI DSS, Payment Card Industry Data Security Standards, PCI compliance
• Five Steps for Maintaining PCI Compliance in the Cloud 02/15/2017  |  By: Mark Burnette, CPA, CISSP, CISM, CISA, CRISC, CGEIT, ITIL, QSA, Shareholder, Information Security

  The use of cloud computing by companies of all sizes continues to grow. If your organization plans to store, process or transmit payment card information via the cloud, compliance…
  read more >

  Posted in: PCI Compliance
• Check Your Work: How a Network Security Audit Can Keep You Prepared 07/26/2016  |  By: Frank Knobbe, QSA , Shareholder, Information Security

  When you’re faced with complex network security rules, it’s easy to make mistakes. Sometimes, the rules may be government-imposed, such as HIPAA guidelines for healthcare…
  read more >

  Posted in: Healthcare, PCI Compliance, Compliance and Audit
• 6 Myths About PCI Compliance Regulations 07/19/2016  |  By: Mark Burnette, CPA, CISSP, CISM, CISA, CRISC, CGEIT, ITIL, QSA, Shareholder, Information Security

  The Payment Card Industry Data Security Standards are a wide-ranging set of industry guidelines, laying down requirements (and potential penalties) for every business that accepts…
  read more >

  Posted in: PCI Compliance, Compliance and Audit
• Penetration Testing and PCI Compliance Requirements 07/12/2016  |  By: Mark Burnette, CPA, CISSP, CISM, CISA, CRISC, CGEIT, ITIL, QSA, Shareholder, Information Security

  Any organization that processes, stores, or transmits payment card data has to comply with the Payment Card Industry Data Security Standards (or PCI DSS). Whether you’re a…
  read more >

  Posted in: PCI Compliance, Compliance and Audit
• 3 Ways to Reduce the Costs of PCI Compliance Regulations 06/29/2016  |  By: Mark Burnette, CPA, CISSP, CISM, CISA, CRISC, CGEIT, ITIL, QSA, Shareholder, Information Security

  The Payment Card Industry Data Security Standards (or PCI DSS) provide comprehensive security guidelines for merchants who process, store, or transmit credit card data…
  read more >

  Posted in: PCI Compliance
• PCI DSS Version 3.2: What You Need to Know 02/24/2016  |  By: Stewart Fey, Director of Technical Services, Mark Burnette, CPA, CISSP, CISM, CISA, CRISC, CGEIT, ITIL, QSA, Shareholder, Information Security

  In December of last year, the PCI Security Standards Council announced an extension of the deadline for the Secure Sockets Layer (SSL)/early Transport Layer Security (TLS)…
  read more >

  Posted in: PCI Compliance
• Reducing PCI Scope, What Makes Good Network Segmentation? 02/12/2016  |  By: Stewart Fey, Director of Technical Services

  What systems are in scope for PCI Compliance? If you go by the PCI DSS Requirement document, this is what they say in version 3.0 about PCI Scope. The PCI DSS security…
  read more >

  Posted in: PCI Compliance