door Gerdien van den Bosch | jan 21, 2020 | Beveiligingstips, PCI DSS
Reducing your PCI DSS scope is an effective way to save costs on the PCI audits. Officially it is not required to segment the network or isolate systems that process, transmit or store credit card data. However, without proper network segmentation and isolation of...
door Gerdien van den Bosch | jan 13, 2020 | Beveiligingstips, PCI DSS
Tokenization is an excellent data security strategy that, unfortunately, only a few companies take advantage of. We believe that it is one of the best security strategies for credit card data and Payment Card Industry Data Security Standard (PCI DSS) scope reduction....
door Gerdien van den Bosch | dec 10, 2019 | Compliance, PCI DSS
PCI DSS has incorporated new requirements in the latest version 3.2.1. Within the new requirements for service providers, there is one of the requirements (3.5.1) which requires maintaining the documented cryptographic architecture where the algorithms, protocols and...
door Gerdien van den Bosch | nov 18, 2019 | Compliance, PCI DSS
Many merchants and service providers choose the path of self-validating. They perform all validation steps themselves and record their progress in the Self-Assessment Questionnaires (SAQ) and report their status in the Attestation of Compliance. A PCI Compliance...
door Gerdien van den Bosch | okt 29, 2019 | Compliance, PCI DSS
Getting compliant to PCI DSS is not an easy task. It requires dedication, some inspiration and certainly a lot of perspiration. During the annual assessment, we witness the many hours of work spent by various teams in order to achieve or maintain compliance. But we...
door Gerdien van den Bosch | okt 1, 2019 | Compliance, PCI DSS
We hebben nog steeds klanten die ons deze vraag van tijd tot tijd stellen. Helaas betekent het simpelweg versleutelen van kaarthoudergegevens (CHD) niet noodzakelijkerwijs vermindering van de scope ervan. Onder de meeste omstandigheden geldt, als gecodeerde CHD wordt...