4 easy Tips to help reducing costs for PCI DSS
Reducing your PCI DSS scope is an effective way to save costs on the PCI audits. Officially it is not required to segment the network or isolate systems that process, transmit or store credit card data. However, without proper network segmentation and isolation of...
Tokenizing your payment card data may be the smartest security decision you make in 2020
Tokenization is an excellent data security strategy that, unfortunately, only a few companies take advantage of. We believe that it is one of the best security strategies for credit card data and Payment Card Industry Data Security Standard (PCI DSS) scope reduction....
How to Define the Cryptoperiod for PCI DSS?
PCI DSS has incorporated new requirements in the latest version 3.2.1. Within the new requirements for service providers, there is one of the requirements (3.5.1) which requires maintaining the documented cryptographic architecture where the algorithms, protocols and...
Annual Plan – PCI DSS Compliance
Many merchants and service providers choose the path of self-validating. They perform all validation steps themselves and record their progress in the Self-Assessment Questionnaires (SAQ) and report their status in the Attestation of Compliance. A PCI Compliance...
How to Maintain PCI Compliance?
Getting compliant to PCI DSS is not an easy task. It requires dedication, some inspiration and certainly a lot of perspiration. During the annual assessment, we witness the many hours of work spent by various teams in order to achieve or maintain compliance. But we...
Everything is encrypted therefore PCI DSS doesn’t apply?
We still have clients ask us this question from time to time. Unfortunately, simply encrypting Cardholder data (CHD) doesn’t necessarily de-scope it. Under most circumstances, if encrypted CHD is stored, processed or transmitted it will still be in the scope of PCI...