Understanding Requirement 2 of PCI DSS
In this blog series we will explain the 12 requirements of PCI DSS, discuss the common challenges and tell you what kind of evidence is needed to comply with the requirement. Our previous blog was about the first requirement. This requirement focuses on the protection...
Understanding Requirement 1 of PCI DSS
In this blog series we will explain the 12 requirements of PCI DSS, discuss the common challenges and tell you what kind of evidence is needed to comply with the requirements. One of the main requirements of PCI DSS is, without a doubt, the first. It contains a set...
PCI compliance: Where does AOC, ROC and SAQ stand for?
Often times we hear terms that are thrown around like PCI SAQ, AOC and PCI Report on Compliance (ROC). Are you often struggling to understand the difference between these concepts and if/when you’re required to complete them? The good news is that you’re not alone and...
Have you yet successfully implemented the new PCI DSS requirements 3.2?
January 31, 2018 marked the date that all new requirements introduced in PCI DSS version 3.2 must be adopted by organizations and included in their PCI DSS assessment. Be aware that a minor revision to this version is already planned for mid-2018, which comes into...
Information Security Policy: 5 Common Mistakes Organizations Make
Regardless of the size of your business or the industry you are in, an information security program is a critical document for any organization. A good information security program consists of a comprehensive set of information security policies and procedures. Having...
Checklist GDPR: 5 things you should have in place before May 25th 2018
In a few days, the European Union (EU) will begin enforcing the most stringent regulations to date on how EU citizens' personal data is lawfully collected, processed and stored. The General Data Protection Regulation (GDPR) is a sweeping data protection law that not...