Can you hold Payment Card Information (PCI) data in a cloud-based service? Yes, but doing so isn't straightforward, so the PCI Security Standards Council has published a guideline that clarifies what approaches compliance-minded businesses can take.
A new set of guidelines from the PCI Security Standards Council is intended to help merchants and cloud services providers comply with the PCI DSS when handling payment card data on the web.
Businesses are in the crosshairs as military and spy organizations around the world step up their cyber-snooping techniques, and the shift to cloud is only exacerbating the risks. How can you be sure your cloud partner is capable of protecting your data from cyberattacks?
If you're wondering exactly what is PCI compliance, the chances are you're one of the many business owners in Australia who've asked themselves this same question. Before answering this question, it's useful to begin by looking at what PCI (and its counterpart DSS) stands for.
As we noted in last year's CSO article, "Six ways we gave up our privacy," people are increasingly -- and willingly -- throwing their privacy to the wind, thanks to an addiction to Google apps, GPS devices, the BlackBerry, iPhone and Android, and social networking sites like Facebook and Twitter. Some security experts believe privacy is dead already.
Payment card industry (PCI) compliance knowledge is sorely lacking among Australian companies and needs to improve before the next deadline later this year, according to Bridge Point Communications director, Tim Smith.
Beginning Sept. 30, Visa will require merchants and related businesses to conduct wireless security scans to prove compliance with version 1.2 of the PCI Data Security Standard (PCI DSS) which is designed to safeguard cardholder data from wireless threats.
Security vendors are launching a gazillion products this week at RSA Conference 2010, but hidden in all of those press releases are a few nuggets that illustrate the big picture trends.
The burden of payment card industry (PCI) compliance is costing Australian companies thousands of dollars each month as organizations struggle to meet the stringent requirements of the data security standard known as PCI DSS.