How to Legally Segment Company with two divisions one PCI-compliant and the...
We are thinking of acquiring a company which has a product which is not PCI compliant. We are PCI-compliant and want to legally segment the company so we can pass next year's audit while we work to...
PCI Compliance
How does one become credited to do audits for PCI compliance? What are the steps to be followed? Does anyone know or understand the cost? Is it a company or an individual that gets a...
Outside vendor located on premises
We have an outside vendor located on our premises making credit card sales. If they are not PCI compliant, and/or if their data becomes compromised, what is our liability, considering it will be our...
NetApp DataFort and PCI Compliance
Does NetApp DataFort meet current PCI requirements?
Oracle Application Server – how to manage ciphers
Hello all, A PCI compliance scan of my web server revealed that it allows weak and anonymous ciphers. I set the sslciphersuite entry in the ssl.conf file, but it didn’t change anything. Any ideas how...
Secure file deletion on an iSeries
How can I perform a secure file deletion on an iSeries system, as per a secure file deletion on a PC? The PCI police are chasing me for an answer, but I’m not convinced it’s possible/necessary.
How soon is PCI scan required on new application?
Hello, The larger team I work in is about to release a new ecommerce website that allows the secure storage and usage of personal and corporate credit cards. As far as system components go, the payment...
Securely accepting credit card payments face-to-face?
I’ve been tasked with finding a low-overhead way of taking credit cards for a one-time event. Most people are hopefully paying in advance via PayPal, and I’m wondering if anyone has tried just setting...
PCI-DSS Scope minimization
I am trying to prepare a methodology on how to implement PCI-DSS. I prepared my scope but now I want to know what are the exact steps which one would have to follow to SHRINK OR MINIMIZE SCOPE. Can...
PCI compliance 1.4(b) on personal firewalls
Requirement 1.4(b) asks if personal firewall software is not alterable by employee-owned computer users. If we allow employees to alter their personal firewall software settings, what other...
Rotate keys in SQL Server encryption for PCI compliance
Question Edited by Michael Tidmarsh