Summing It Up

By

Topic: Technology

PCI DSS 3.2 Req 6.4.6 - Views on Updating PCI DSS Compliance Programs Upon Significant Changes to a Cardholder Data Environment
By Justin Bonk on July 17, 2018

If you are classified as a merchant or service provider, anytime you make a significant change to your cardholder data environment, you are required to ensure that all relevant PCI DSS...

Continue Reading
PCI DSS 3.2 Req 8.3.1 - Views on Multi-Factor Authentication
By Justin Bonk on July 16, 2018

If you're classified as a service provider or merchant, you're required to implement multi-factor authentication for any non-console administrative access into your cardholder data...

Continue Reading
PCI DSS 3.2 Req 10.8 and 10.8.1 - The Process for Detecting, Reporting, and Responding to Failures in Security Mechanisms
By Justin Bonk on July 13, 2018

If you're classified as a service provider you need to implement policies and procedures, and response mechanisms for addressing any failures in critical security mechanisms including...

Continue Reading
PCI DSS 3.2 Req 11.3.4.1 - Views on Semi-annual Penetration Testing
By Justin Bonk on July 12, 2018

If you are a service provider that uses network segmentation to reduce the overall scope of your PCI DSS assessment, what was formerly an annual requirement to obtain a penetration test is...

Continue Reading
PCI DSS 3.2 Req 12.4.1 - Views on Establishing Responsibility for the Protection of Cardholder Data
By Justin Bonk on July 11, 2018

If you're classified as a service provider, you are required to formally establish the overall responsibility for PCI compliance and the protection of cardholder data. Your PCI DSS Charter...

Continue Reading
PCI DSS 3.2 Req 12.11 and 12.11.1 - Views on Performing Quarterly Reviews and Maintaining Documentation of Quarterly Review Process
By Justin Bonk on July 10, 2018

If you're classified as a service provider, you are required to implement a process for internal quarterly review of critical security procedures to ensure those procedures are operating...

Continue Reading

Stay up to date