The Three Essential Elements of Authentic PCI Compliance

March 27, 2017 • Published Categories Acquirer ProgramsTags , , ,
Authentic PCI compliance goes beyond simply checking the boxes of your SAQ

How many of your merchants are just checking the boxes? Checkbox compliance is nothing new in the payments industry. In fact, Google “checkbox compliance” and you quickly see that thousands of posts have been written about it. These posts describe the exercise of racing to … Read more

Penetration Testing: Ask the Right Questions Before You Sign

February 24, 2016 • Published Categories Best PracticesTags ,

Find an Experienced Penetration Tester Like most security testing services, the quality of service you get in a penetration testing engagement can vary tremendously from vendor to vendor. That’s because penetration testing is human-driven, relying upon the tester’s expertise and diligence. Evaluate Potential Providers Asking the … Read more

The Who, How and Why of Intrusion Detection

December 1, 2015 • Published Categories PCI 101Tags , ,

Understanding the need for intrusion detection. At 115-pages, PCI DSS v3.1 makes it clear there’s much to consider when evaluating the security of your payment card environment. In fact, you may be questioning how much effort to put into the task. Is it all futile … Read more

Microsoft Ending Support for Windows Server 2003

April 13, 2015 • Published Categories Industry TopicsTags , , ,
Deadline Ahead for Windows 2003 Server

Microsoft recently announced that it is ending support for the Windows Server 2003 operating system on July 14, 2015. Windows Server 2003 is heavily relied upon in e-commerce. Therefore, if your business conducts e-commerce (i.e., has a website with a shopping cart), then it’s possible … Read more

PCI DSS v3.1 and SSL: What you should do NOW.

March 5, 2015 • Published Categories Best PracticesTags , , , , , , , , , ,

12/21/15 Update: The PCI SSC is extending the migration completion date to 30 June 2018 for transitioning from SSL and TLS 1.0 to a secure version of TLS (currently v1.1 or higher). Learn more here.  4/15/15 Update: The PCI SSC released PCI DSS v3.1 on its … Read more

New “Backoff” Point-of-Sale Malware Alert

July 31, 2014 • Published Categories Industry TopicsTags , , , , , ,
Remote security

The United States Computer Emergency Readiness Team (US-CERT) has issued an advisory warning of a new POS malware that, “at the time of discovery and analysis…had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could … Read more