Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
02.13.17
Defining and managing PCI scope is arguably the most critical part of any PCI compliance program. An overly narrow scope can jeopardize cardholder data, and an overly broad scope can add unnecessary cost and time to any PCI program. PCI compliance is an ongoing process and requires an annual assessment that can add up to… Read more »
05.27.16
PCI Scope reduction is a great way to make PCI compliance simpler and to reduce risk. Scope reduction reduces the attack surface area and the number of systems that must be maintained to the PCI standards…. “Less is more.” This blog post discusses web page redirects, which are an excellent method to get many systems… Read more »
03.28.16
Tokenization techniques are rapidly evolving to address PCI scope reduction efforts and securing cardholder data from breaches. PCI scope reduction is integral in simplifying PCI compliance and reducing risk overall in the environment. Scope reduction effectively minimizes attack surface area and limits the number of systems that must be assessed to the PCI standards. Regardless… Read more »
