The Definition of Cardholder Data standard
The definition of cardholder data for most of us usually stops at the Primary Account Number, or PAN. Those pesky digits that we have to protect as they run through our systems cause CIOs to cringe and security professionals to salivate over potential budget money. Before you can embark on your information security journey, you need to understand what you must secure, and where it is. I’ve posted about this before. As this is one of my most popular posts, I wanted to go back and revisit this post. When I wrote this post, we were still dealing with PCI DSS v1.2.1. While the definition has not changed in more recent versions, the landscape has quite a bit. I’ve updated ...
Continue Reading