This is cache of http://www.rsa.com/blog/blog_entry.aspx?id=1300. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
Finished? Where should I start?
2008-07-01 00:00:00 by Brad Davenport in Speaking of Security, the RSA Blog and Podcast
 
Many of the merchants I speak with are sharply focused on addressing specific PCI security requirements. While implementing the controls needed to meet the requirements is absolutely critical, I can't stress enough the importance of taking time to aim before firing.

It's no secret that PCI compliance is focused on securing cardholder data and infrastructure. Simply put, you can't secure what you don't manage and you can't manage what you don't know about. Before you go looking for all instances of cardholder data, you must be prepared to find more than expected.

Most merchants are aware of the cardholder data in their database(s). But what about payment applications or payment portals that temporarily store the data? Or customer service reps e-mailing credit card information to confirm or dispute an order?...

 
Tags: data, cardholder data, credit card information, customer service reps, pci compliance, payment applications, absolutely critical, temporarily store, payment portals
 
 
 
 
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia