This is a requirement for sub-control 2.4. Â Inventory of systems refer to all hardware and software, virtual or physical within the cardholder data environment (CDE). This essentially means a list of all the hardware and software used, their purpose in being in the CDE, what they are and why they ...
Read MoreHackers are "Hacking all the things". We are starting to hear about environments like thermostats, heating, ventilation, air-conditioning using web interfaces and http custom protocols.  Those are big security issues. Next, over the last several months there have been numerous cases of hackers ta ...
Read MoreThe 2014 Verizon report indicates that 9 out of 10Â failed their PCI DSS baseline assessment. Here are some excerpts from the report:
There are many large data security breaches that are being reported nationally. They are high-profile retail chains. Equally important are the smaller breaches which are occurring every day. All that was required to find the smaller companies breach list was do a simple search on the Internet. Itâ ...
Read MoreThis was listed in one of the articles about updates on PCI DSS 3.0. Â There is too much going on in the retail world with constantly increasing breaches, both high and low profile ones. Â Hence all the fuss about data security and compliance. Â Coincidentally, this is the year for transitioning to ...
Read More