Security vs. Compliance with PCI DSS Requirement 8

August 4, 2020 • Categories: Best Practices

A few weeks ago I was talking with one of my coworkers about the whole security vs. compliance conversation. Up until then, I held the premise that compliance does little for security. In retort to my statement, he asked the rhetorical question, “Where would these …

“Is it OK to enable remote access to my back office PC?”

September 4, 2014 • Categories: PCI 101

Question: Is LogMeIn PCI Compliant for a restaurant back office PC? I heard that leaving an open connection is not compliant.

Answer: A remote access program such as LogMeIn can be PCI compliant; however, it must be securely implemented using multiple factors of authentication to …

New Best Practice: Out with the Password, In with the Passphrase

June 11, 2012 • Categories: Archive, Best Practices

The recent news of security breaches among major social networking sites reignites the ongoing dilemma of the password. As humans, we have the natural tendency to simplify its content and use. Unfortunately, hackers and data thieves know this and use it to their advantage. Perhaps …