New Best Practice: Out with the Password, In with the Passphrase

June 11, 2012 • Published Categories Archive, Best Practices Tags , , , , , , , ,

The recent news of security breaches among major social networking sites reignites the ongoing dilemma of the password. As humans, we have the natural tendency to simplify its content and use. Unfortunately, hackers and data thieves know this and use it to their advantage. Perhaps … Read more

How ISOs & Acquirers Can Assess, Educate and Protect Their Merchants

August 10, 2011 • Published Categories Acquirer Programs, Archive Tags , , , , , , , , , , , , ,

The days of simply sending a newsletter or statement stuffer to a merchant describing the PCI requirements may no longer be sufficient to protect the Acquiring community (Sponsor Banks, Processors and ISOs) from the card brand obligations, liability and the impact of state law violations. … Read more

The Real Cost of Data Breach

April 16, 2009 • Published Categories Archive Tags , , , , , , , ,

(It’s more than you think—and you’re more at risk than you know.) Confusion. Denial. Plain old wishful thinking. That’s what we hear when we talk to people about the real cost of data breach. Whether you’re an ISO, an acquirer, or a merchant, maybe you’ve … Read more

Is PCI Compliance a Law? Should it be?

February 27, 2009 • Published Categories Archive Tags , , , , , ,

Is PCI compliance a law? The short answer is no. The long answer is that while it is not currently a federal law, there are state laws that are already in effect (and some that may go into effect) to force components of the PCI … Read more

Data Breaches Part I – Is it Possible to Prevent the Inevitable?

October 22, 2007 • Published Categories Archive Tags , , , , , , , ,

The media’s increased focus on data breaches.  As the settlement terms of the most talked about data breach in 2007-the TJX data breach-are being assessed in the millions, the Media’s attention has only increased its focus on data breaches. Industry-specific guidelines and compliance measures, such … Read more

Data Breaches Part II: Five Steps to Manage a Data Breach

October 22, 2007 • Published Categories Archive Tags , , , , , , , , , , ,

Though a smaller data breach than its predecessors at TJX and ChoicePoint, the musical instrument company Bananas.com (Bananas at Large) was the victim of a hacker, who, according to published reports stole an administrative password by accessing Bananas.com systems as a remote user. What’s interesting … Read more