Is PCI Compliance a Law? Should it be?

February 27, 2009 • Published Categories ArchiveTags , , , , , ,

Is PCI compliance a law? The short answer is no. The long answer is that while it is not currently a federal law, there are state laws that are already in effect (and some that may go into effect) to force components of the PCI … Read more

Security vs. PCI Compliance

January 30, 2009 • Published Categories ArchiveTags , , , , , , , , ,

Reading accounts of highly publicized data breaches over the last few months occurring in companies that are seemingly PCI compliant, begs the question, “does PCI compliance equal security?” The answer is, “it depends.” Unfortunately no business is ever completely secure, but companies can mitigate their … Read more

What Constitutes a Payment Application?

November 25, 2008 • Published Categories ArchiveTags , , , , , ,

Companies frequently ask us about what constitutes a payment application as it relates to PCI Compliance. The term payment application has a very broad meaning in PCI. So hopefully the content of this brief article will help clarify the subject and better define the term. … Read more

Web Application Security – How do you know which Solutions will work best for your Business?

March 9, 2008 • Published Categories ArchiveTags , , , , , , , , ,

If you must store credit card data or you are interested in strengthening your current security practices, it is important to focus attention on your Web applications. PCI Requirement 6.6 requires that you ensure that all Web-facing applications are protected against known attacks by applying … Read more