PCI Council Releases Revised PA-DSS Eligibility Criteria
On June 29, 2011 the PCI Security Council released a checklist outlining the types of payment applications that are eligible for PA-DSS validation:
On June 29, 2011 the PCI Security Council released a checklist outlining the types of payment applications that are eligible for PA-DSS validation:
Data Tokenization Considerations
Early July sees the latest fines imposed by Health & Human Services Office for Civil Rights for HIPAA violations.
So many recent data breaches – its becoming hard to keep up. Here’s a quick summary of some data breaches. There are many more where this came from, and the full list of known breaches can be found at these sites:
We are currently seeing a convergence of forces and circumstances that are causing significant shifts in the way we think about information security and risk management “best practices”.
The PCI Security Standards Council recently released new supplemental guidance (PDF) regarding PCI compliance considerations for the use of virtualization technologies.
In case you weren’t able to attend today’s webinar, Introduction to the Payment Card Industry Data Security Standard, we’ve posted a recording of the entire session on Halock’s YouTube channel. The full 6-part series is embedded below for your convenience.
National Vulnerability Database (NVD) National Checklist Program Repository. While working with our clients to establish appropriate system hardening standards for PCI compliance, we are often asked to provide resources and guidance that can be referenced as additional system and operating system types are deployed. The following NIST resource can be most helpful in this regard.