
[Article]-What Do I Really Need To Do To STAY PCI DSS Compliant?


don

Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Nov 27, 2009 5:17 pm

[Article]-What Do I Really Need To Do To STAY PCI DSS Compliant?

With PCI DSS requiring penetration testing, it has become imperative not only to become compliant but also to remain in compliance.

With that in mind, I'm proud to add Dr. Anton Chuvakin to our esteemed list of contributors to EH-Net. Formerly of Qualys, Dr. Chuvakin is an expert in PCI and shares some valuable information on staying compliant. He even has a very neatly compiled To-Do List.



By Dr. Anton Chuvakin - http://www.chuvakin.org/

Lately, a lot of security industry discussions have been focused on PCI DSS (Payment Card Industry Data Security Standard). The conversation ranges from practical advice on “how to get compliant” all the way to branding PCI as a devilish invention (Google for “PCI is the devil”). Fiery debates aside, PCI DSS guidance helped countless organizations to see the light of security where there was none before. It goes without saying that it didn’t magically make them “become secure” – no external document can.

One of the frequent criticisms of PCI focuses on the misguided view that “PCI is all about passing an ‘audit’.” Many people would be surprised to find out that PCI DSS lists specific tasks that you have to be doing all the time – NOT just before the assessment. This article focuses on the exact steps organizations must take to actually stay compliant and not just pass validation via scanning, on-site assessment or self-assessment questionnaire (SAQ).



Let us know what you think or if you have requests for specific articles on PCI that you'd like Dr. Chuvakin to write.

Don
CISSP, MCSE, CSTA, Security+ SME

don


Post Wed Feb 10, 2010 4:15 pm

Re: [Article]-What Do I Really Need To Do To STAY PCI DSS Compliant?

CISSP, MCSE, CSTA, Security+ SME
