Common Misconceptions About PCI DSS Self-Assessment Questionnaires (SAQs)
Common Misconceptions About PCI DSS Self-Assessment Questionnaires (SAQs). Is your organization PCI compliant? Are you sure?
Tag Archives: Compliance
Windows Audit Policies for PCI DSS Compliance
Exactly which settings need to be enabled for the audit (logging) policy on Windows systems in order to meet the intent of PCI DSS requirements 10.2.x? Trying to understand all the individual events IDs associated with each Windows audit policy is your first step in trying to determine the answer to this question! But after a […]
The Sounds of PCI Compliance
So I’ll admit I’m relatively new to the PCI Compliance arena. That said, I’ve been working with technology and financial companies for the last 15 years and while I’ve seen topics come & go; PCI Compliance is here to stay. I’ve noticed some commonalities from the folks I’ve spoken with recently and I wanted to share some […]
Understanding PCI Service Providers
One of the common misunderstandings we’ve noticed among merchants is in relation to the proper definition of a PCI Service Provider. Most companies understand that if they share cardholder data with a third party, that entity is a Service Provider and needs to be covered for DSS requirements 12.8.x. But there’s another class of Service Providers that often gets […]