The Simplicity of PCI, and the best way to complicate it! standard
OK folks, bring on the love. Ready? I’m going to stick my neck way out there. PCI is easy. *GASP* OK, taking a company that ignored security (or only focused on one particular element of a good security program) to compliance is hard, painful, and will result in lots of kicking and screaming and other tantrum like actions. Why? See this post. But take PCI DSS on the surface. It’s prescriptive (potentially overly so in some cases), it is based on a good, common set of security practices that, quite frankly, you should already be doing, and its impact to your organization can be limited dramatically depending on how you approach it. If you look at the high level twelve ...
Continue Reading