A QSA’s job: keep you honest about PCI compliance

By / / IT Compliance / 3 minutes of reading / , , , ,

As the use of credit cards becomes more ubiquitous, so too does the need for security standards to protect cardholder data. That has led to the rise of the Qualified Security Assessor (QSA). What is a QSA? And who needs one? The title of QSA is an industry designation conferred by the Payment Card Industry (PCI) Security Standards …

A QSA’s job: keep you honest about PCI compliance Read More »

Make sure your host knows what PCI is! Your web hosting company doesn’t!

By / / IT Compliance / 6 minutes of reading / , , , , ,

I recently discussed with a potential customer why they should work with ZZ Servers instead of one of the now hundreds of other hosting providers offering PCI “compliant” hosting services. After spending the last five years doing PCI Level 1 validations I have run into many areas where hosting providers do not get PCI and …

Make sure your host knows what PCI is! Your web hosting company doesn’t! Read More »

PCI Data Security Standard version 1.2 now active.

By / / IT Compliance / 2 minutes of reading / , , , , ,

As of October 1, 2008 the PCI Data Security Standard version 1.2 became active. There are a number of changes to PCI DSS since version 1.1. Version 1.2 removes much of the ambiguity from earlier versions and provides additional details on items such as the use wireless devices. One of the largest and possibly most hard hitting …

PCI Data Security Standard version 1.2 now active. Read More »

Scroll to Top