by Gerdien van den Bosch | Mar 4, 2020 | Information security, Security tips
Over the past decade, many organizations have made the choice to use a virtual CISO to either fill this role or complement their current CISO. As security experts, we believe this is a good development because it enhances the security level of companies. What...
by Gerdien van den Bosch | Jan 21, 2020 | PCI DSS, Security tips
Reducing your PCI DSS scope is an effective way to save costs on the PCI audits. Officially it is not required to segment the network or isolate systems that process, transmit or store credit card data. However, without proper network segmentation and isolation of...
by Gerdien van den Bosch | Jan 13, 2020 | PCI DSS, Security tips
Tokenization is an excellent data security strategy that, unfortunately, only a few companies take advantage of. We believe that it is one of the best security strategies for credit card data and Payment Card Industry Data Security Standard (PCI DSS) scope reduction....
by Gerdien van den Bosch | Dec 10, 2019 | Compliance, PCI DSS
PCI DSS has incorporated new requirements in the latest version 3.2.1. Within the new requirements for service providers, there is one of the requirements (3.5.1) which requires maintaining the documented cryptographic architecture where the algorithms, protocols and...
by Gerdien van den Bosch | Nov 18, 2019 | Compliance, PCI DSS
Many merchants and service providers choose the path of self-validating. They perform all validation steps themselves and record their progress in the Self-Assessment Questionnaires (SAQ) and report their status in the Attestation of Compliance. A PCI Compliance...