How to Make PCI Compliance a Little Easier for Everyone

Before we begin, there’s one thing to make very, very clear: You cannot outsource ALL compliance! I do not care what some vendor says. No single service makes you compliant. Only you can make you compliant. While vendors can take you most, if not all the way to compliance. You must still confirm their compliance […]

PCI DSS 3.2 Multi-Factor Authentication Clash

Multi-factor authentication (MFA) is a tried and true technology that rarely incites debate. How then did MFA became a hotly debated topic at the PCI Standards Council North American Community Meeting? The answer is a classic clash of theory and reality.

The Failure of the PCI-DSS?

The Target breach has ignited a firestorm of debate over the efficacy of the PCI-DSS. The problem with the PCI-DSS is not the standard, but a deeply flawed an corrupted assessment process.