3 Reasons to Get Involved in Your Merchants’ mPOS Adoption

September 17, 2014 • Published Categories Acquirer ProgramsTags , , , , , , , , ,

ControlScan has just released a new report detailing its latest research findings on mobile technology adoption among small and mid-sized businesses (SMBs). The report, Mobile at the Point of Sale: How SMBs are Adopting Mobile Devices to Accept Card-Present Payments, is based on input from … Read more

“Can We Securely Store Card Data for Recurring Billing?”

August 8, 2014 • Published Categories PCI 101Tags , , , , ,
Hosted Payment Technologies

Should your business store cardholder data? While the PCI DSS discourages businesses from storing credit card data, many feel the practice is necessary in order to facilitate recurring payments.Here are a few of the related questions we’ve recently received: Question: We store credit card info (number … Read more

About Third-Party Access to Core Business Apps…

July 28, 2014 • Published Categories Best PracticesTags , , , , , , ,
The Cloud

Question: Our cardholder data environment (CDE) resides in a private cloud with Amazon Web Services. One of our core applications in the CDE is not accessible to the public internet; however, we have a private circuit in place that allows two of our external partners to … Read more

Internal vs. External Vulnerability Scans: Why You Need Both

May 15, 2014 • Published Categories PCI 101Tags , , , ,

The Ins and Outs of Vulnerability Scanning If you’re a merchant trying to get started with PCI compliance, you’re likely to hear the word “scan” from your acquiring bank or the PCI partner they’ve enlisted to help you with the process. In our conversations with … Read more

More Specialized SAQs: The New SAQ B-IP

April 8, 2014 • Published Categories Industry TopicsTags , , , , , , , , , , , ,

NOTE: There have been updates to the PCI DSS 3.0 standard since this post was published. The current revision is 3.2r1.1; however, the only significant changes to the SAQ B-IP have been the additions of segmentation testing and multifactor authentication for all remote access. The new … Read more

How to Find Windows XP in your IT Environment

March 25, 2014 • Published Categories Industry TopicsTags , ,
Deadline Ahead for Windows 2003 Server

If you’ve been following our Windows XP series on PCI Compliance Guide, you now know the reasons running XP after April 8, 2014 will put your business at risk and also the level of planning that needs to take place now (even if you’re reading … Read more