Tag: PCI hosting

More New PCI DSS 3.0 Requirements: Control Access, Two-Factor Authentication & POS Security

Yesterday, I blogged about the new PCI DSS 3.0 document that contains a number of clarifications, additional guidance and evolving (new) requirements. The part I’m going to focus on is the evolving requirements, as they represent the changes that ensure … Continue reading

Posted in PCI Compliance | Tagged , , , | Leave a comment

PCI DSS 3.0: New Requirements Released for Merchants & Service Providers

The new PCI DSS 3.0 document contains a number of clarifications, additional guidance and evolving requirements, according to how the PCI SSC refers to the changes. The part I’m going to focus on is the evolving requirements, as they represent … Continue reading

Posted in PCI Compliance | Tagged , , , , | Leave a comment

Information Security: Your Complete Guides to Data Regulatory Compliance

Our online guides to information security (infosec) and compliance are scattered across our website and blog, but here’s a roundup of our best and most relevant resources that relate to this year’s Detroit SecureWorld security and compliance sessions, tomorrow and … Continue reading

Posted in HIPAA Compliance, Information Technology Tips, PCI Compliance, SAS 70/SSAE 16/SOC | Tagged , , , , , , , | Leave a comment

Source Code, Encrypted Data Stolen as 2.9 Million Affected in Adobe Breach

Adobe was hit with a data breach last week that compromised their source code of several products, including Adobe Acrobat, ColdFusion Builder and other Adobe products. Hackers also accessed and removed 2.9 million customers’ data, including names, encrypted credit/debit card … Continue reading

Posted in Cloud Computing, Encryption, PCI Compliance | Tagged , , , , , | Leave a comment

PCI DSS ‘Business as Usual’ Practices Provide Guidance to PCI Hosting

SearchSecurity.TechTarget.com recently reported on the PCI SSC (Payment Card Industry Security Standards Council) and their first annual PCI Community Meeting to discuss the changes made in PCI DSS 3.0 that affects merchants, ecommerce and retailers that deal with credit cardholder … Continue reading

Posted in Cloud Computing, Encryption, PCI Compliance | Tagged , , , , , | Leave a comment

PCI DSS Data Breaches Increase 15 Percent; Remote Access & SQL Injections to Blame

A few major takeaways from Trustwave’s 2013 Global Security Report reveal that the retail industry was at the top of data breach investigations at 45 percent. A total of 96 percent of customer records (payment card data, PII (personally identifiable … Continue reading

Posted in Information Technology Tips, PCI Compliance | Tagged , , , , , | Leave a comment

Total Ecommerce Sales Rise 18 Percent in Q2 with Mobile Commerce

InternetRetailer.com recently reported that ecommerce sales have increased to 18.4 percent, as estimated by the U.S. Commerce Department in Q2, bringing online sales back to their pre-recession growth rates. Comparing Q2 2013 to Q2 2012, ecommerce sales rose to $65 … Continue reading

Posted in Mobile Security, PCI Compliance | Tagged , , , , , | Leave a comment

New Technology Fuels Global PCI DSS Compliance Security Concerns

Last month Jeremy King, the European Director for the Payment Card Industry Security Standards Council (PCI SSC) had an interview with BankInfoSecurity.com, in order to address pain points they encounter as they continue to shape the Payment Card Industry Data … Continue reading

Posted in PCI Compliance | Tagged , , , | Leave a comment

International Hacking Scheme Aided by SQL Injections; 12 Major Companies, 160 Million Affected

Recently, Nasdaq.com reported on hackers that gained access to more than a dozen major global payment processor, retailer and financial institutions’ systems, including NASDAQ (trading platform unaffected), 7-Eleven, JC Penney, Heartland Payment Systems, Visa Jordan, Global Payment, JetBlue, Dow Jones … Continue reading

Posted in HIPAA Compliance, Information Technology Tips, PCI Compliance | Tagged , , , , , , , , , | Leave a comment

Encrypting Backup Data for HIPAA and PCI Compliance

Stored data is a top target by hackers, especially the type of data that can be used for fraud and medical identity theft – within the healthcare industry in particular, encrypting stored data to meet HIPAA compliance is one way … Continue reading

Posted in Disaster Recovery, Encryption, HIPAA Compliance, PCI Compliance | Tagged , , , , , , , | Leave a comment