Comments on: Guide to Becoming PCI Compliant: A Historical Perspective and Introduction http://resource.onlinetech.com/guide-to-becoming-pci-compliant-a-historical-perspective-and-introduction/ A Guide to Managed Hosting Tue, 07 Feb 2012 15:27:29 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: The Six Principles of PCI Compliance http://resource.onlinetech.com/guide-to-becoming-pci-compliant-a-historical-perspective-and-introduction/comment-page-1/#comment-170 The Six Principles of PCI Compliance Wed, 21 Jul 2010 18:58:20 +0000 http://resource.onlinetech.com/?p=1247#comment-170 [...] first blog in this series provided a historical overview and introduction to PCI compliance.  This blog provides an overview of PCI DSS, which is aligned into 6 principles of PCI compliance [...] [...] first blog in this series provided a historical overview and introduction to PCI compliance.  This blog provides an overview of PCI DSS, which is aligned into 6 principles of PCI compliance [...]

]]> By: Della Lowe http://resource.onlinetech.com/guide-to-becoming-pci-compliant-a-historical-perspective-and-introduction/comment-page-1/#comment-160 Della Lowe Wed, 31 Mar 2010 13:25:04 +0000 http://resource.onlinetech.com/?p=1247#comment-160 This article was very interesting IMHO in that Adam emphasized the security aspect of the PCI DSS. While it is not all that hard to get a checkmark in various areas, that often comes at the cost of real, ongoing security. If you take care of the security, especially in an automated 24x7 way, the compliance becomes just about free. If, however, you just want that checkmark, you may achieve PCI compliance on paper but you will not maintain it, as Adam suggests you should, or be safe from attack. My company helps our customers meet and exceed the PCI requirements for wireless scanning by concentrating on security and I was glad to see Adam focusing that way as well. I liken the checkmark to putting an ADT sign in the front of your house and hoping that the burglars won't find out that you don;t have a security system or that you leave the door unlocked most of the time. This article was very interesting IMHO in that Adam emphasized the security aspect of the PCI DSS. While it is not all that hard to get a checkmark in various areas, that often comes at the cost of real, ongoing security. If you take care of the security, especially in an automated 24×7 way, the compliance becomes just about free. If, however, you just want that checkmark, you may achieve PCI compliance on paper but you will not maintain it, as Adam suggests you should, or be safe from attack.

My company helps our customers meet and exceed the PCI requirements for wireless scanning by concentrating on security and I was glad to see Adam focusing that way as well. I liken the checkmark to putting an ADT sign in the front of your house and hoping that the burglars won’t find out that you don;t have a security system or that you leave the door unlocked most of the time.

]]>