How to Make PCI Compliance a Little Easier for Everyone

Is PCI compliance slowing you down? Read about our compliance services or reach out directly with any questions about your journey to compliance. Before we begin, there’s one thing to make very, very clear: You cannot outsource ALL compliance!   I do not...

PCI DSS 3.2 Multi-Factor Authentication Clash

Recently the PCI Security Standards Council held their North American Community Meeting.  This annual meeting brings together assessors, payment professionals, card brands, Council members, Acquirers, and other interested parties to discuss the state of our beloved...

PCI Set to Ban SSL Protocol

Update The PCI SSC published version 3.1 of the PCI DSS on April 15th, 2015, effectively immediately. As Anitian anticipated, the new version of the DSS states that both “SSL and early TLS are not considered strong cryptography and cannot be used as a security...

The Failure of the PCI-DSS?

Recent events have caused people all over the information security community to question the efficacy of the PCI-DSS. The Target breach has become a lightning rod for debate as to how well the PCI-DSS protects organizations. In a recent blog entry, Avivah Litan from...

Analysis of the New Requirements for PCI 3.0

The PCI –DSS 3.0 draft is out and the changes are significant.  However, when we parse out the new standard, there are really only six new requirements (and one of those is a just a augmenting an existing requirement).  Anitian analyzed these six new standards along...