While it’s very tempting as consultants to just sometimes approach a customer requiring PCI-DSS and after identifying all their service providers, declare: “I need all your service providers to also be PCI-DSS compliant and certified!”, the truth of the matter … Continue reading
Have you heard the phrase Too Long, Didn’t Read? What if this applies to your PCI DSS compliance program, rephrased to “Too administrative, didn’t’ do?”. We get this all the time in our meetings. Everyone mobilise for the big PCI … Continue reading
A lot of people we have met had told us this: “Since we are ISO27001, PCI should be a piece of cake, right?” The context of this is because ISO27001 and PCI are often seen as distant cousins. They are … Continue reading
A proxy server is a server that serves as an intermediary between the requester (a client PC for example) and the responder (typically the destination server). There are 3 types of proxy servers that are commonly implemented in many organisations: … Continue reading
The Art of Getting By is a movie that wasn’t very good. I don’t recall much of it, except the title was appropriate for this article. The general idea of PCI-DSS is that it’s easier to maintain the compliance than … Continue reading