Posts tagged: PCI

Lessons in Due Diligence

An article by Kim Zetter on Wired.com caught my attention: “Restaurants Sue Vendor for Unsecured Card Processor”. The gist is that several restaurants purchased Point-of-Sale (POS) systems from a particular vendor. The POS systems that were sold were apparently not Payment Card Industry – Data Security Standard (PCI-DSS) compliant and that resulted in a breach [...]

Nevada’s New Privacy Law

SB227 was passed into law and goes into effect in January 2010. It contains requirements for PCI compliance as well as encryption of personally identifiable information. Like any legislation, it has both good and bad pieces, with potential loopholes.

Surprising move by MasterCard

MasterCard made a decision not to allow remote key injection capabilities that allow merchants to install new encryption keys on point-of-sale devices. Now these merchants are stuck doing this work manually at an off-site facility. Organizations that are trying to comply with the Payment Card Industry – Data Security Standard are now hamstrung in their [...]