You’ve just been informed that your small business needs a firewall for PCI compliance. If you have no idea what that is and why your small business would even need a PCI-compliant firewall, then you’ve come to the right place. What is a PCI-Compliant Firewall? … Read more
High-risk payment acceptance is everywhere. A recent payment experience at my local dry cleaners caused me some alarm, so much so that I described it in detail on LinkedIn: Without any real forethought I pulled out my debit card. Maybe it was the knowledge that … Read more
The recent rash of data security breaches stemming from insecure remote access and user credential management issues has prompted Visa to issue a Data Security Alert to all merchants and the acquirers who serve them. Here is the statement from Visa’s email, which ControlScan received … Read more
The best way to truly strengthen your business’s security posture—which is the goal of the PCI DSS—is to have a sober understanding of your risk as well as the full scope of your PCI compliance responsibility. Here are five best practices for easily and cost-effectively … Read more
NOTE: There have been updates to the PCI DSS 3.0 standard since this post was published. The current revision is 3.2r1.1; however, the only significant changes to the SAQ B-IP have been the additions of segmentation testing and multifactor authentication for all remote access. The new … Read more
According to the most recent Verizon Data Breach Investigations Report, hackers are apparently spending a lot more time discovering the latest hip, trendy restaurants. But they are not spending money on artisanal cheeses, free-range chicken, or chickpea and orzo salad with Piquillo pepper vinaigrette. Nope. They … Read more