Category Archives: PCI-DSS

Information Security Policies for PCI-DSS V3

The PCI Security Standards Council just released Version 3.0 of the Payment Card Industry Data Security Standard (PCI-DSS), the set of requirements for protecting credit card data. The update had some significant changes, including a greater focus on third-party information security. There are many articles describing the new changes to PCI-DSS V3, including a nice […]

Information Classification – The Link between Security and Privacy

Most of the attention focused on information security today surrounds the public data breach. Almost daily we hear a new report about hundreds or thousands of records of personal information being improperly disclosed. In fact, it is the loss of private data that drives most of the regulatory environment designed to enforce security. GLBA, HIPAA [...]

Five Reasons Why Security Policies Don’t Get Implemented

This article will explore five serious problems preventing information security policies from being implemented, even though these policies may have been written with the best of intentions. Cutting across all five of these causative factors is a theme involving a lack of understanding about the nature of policies. All too often policies are written in […]

PCI Policy Compliance Using Information Security Policies

Many organizations are building or updating written information security policies in response to the newly updated Payment Card Industry Data Security Standard (PCI-DSS). In this paper we describe how Information Shield security policy products can be used to save time and money building security policies that address the PCI-DSS requirements. PCI-DSS Policy Compliance Using Information [...]

Regulatory Requirements for Information Security Policies

Some organizations still receive little management support or funding for a sound information security policy program. Within the last several years, however, numerous federal, state and international regulations have been passed that require the protection of information. Many organizations are now enhancing their information security policies in response to legal and regulatory requirements. In some […]