The Service Provider Challenge for PCI

While it’s very tempting as consultants to just sometimes approach a customer requiring PCI-DSS and after identifying all their service providers, declare: “I need all your service providers to also be PCI-DSS compliant and certified!”, the truth of the matter … Continue reading

PCI-DSS Segmentation with Host-Based Firewalls

One of the frequent queries we have faced in the past months as we ramp up our consultancy and advisory for travel agencies and other merchants, has been the question of segmentation. Now, before travel agencies were imposed with the … Continue reading

PCI-DSS – So Why Aren’t We QSA?

We have faced this question many times before over the course of 7 years working on PCI-DSS in this region. Many customers have asked us, why haven’t we become QSA (Qualified Security Assessor), considering the amount of PCI work we … Continue reading