5 “Buts” Your QSA Doesn’t Want to Hear

December 22, 2015 • Published Categories Best PracticesTags , ,

Qualified Security Assessors like myself are conducting annual PCI assessments year round, so while your assessment may seem like an “it’s that time of the year again” activity, our interaction with your business often involves common themes. For example, we QSAs often hear a lot … Read more

A First Look at PCI DSS 3.1

April 22, 2015 • Published Categories Industry TopicsTags , , , ,

The PCI Security Standards Council (PCI SSC) has now officially released PCI DSS v3.1. This release contains some relatively minor clarifications needed after the last major release (v3.0) went into full effect January 1, 2015.  The primary driver for this new release, however, is the … Read more

Visa Issues Security Alert Regarding Insecure Remote Access

July 3, 2014 • Published Categories Industry TopicsTags , , , , , , , , , , , ,

The recent rash of data security breaches stemming from insecure remote access and user credential management issues has prompted Visa to issue a Data Security Alert to all merchants and the acquirers who serve them. Here is the statement from Visa’s email, which ControlScan received … Read more

5 Best Practices for Securing Your Small Biz

April 23, 2014 • Published Categories Best PracticesTags , , , , , , , , ,
Hosted Payment Technologies

The best way to truly strengthen your business’s security posture—which is the goal of the PCI DSS—is to have a sober understanding of your risk as well as the full scope of your PCI compliance responsibility. Here are five best practices for easily and cost-effectively … Read more