PCI Requirement 3.1 – Keep Cardholder Data Storage to a Minimum
PCI Requirement 3.1 requires organizations to securely delete data that is not required to be retained for business or legal requirements. Why is complying…
PCI Requirement 3.1 requires organizations to securely delete data that is not required to be retained for business or legal requirements. Why is complying…
What is a Shared Hosting Provider? PCI Requirement 2.6 exists to protect hosting environments. When multiple clients’ data is all on the same server,…
Ensure that Policies and Procedures are Documented, In Use, and Known to All Affected Parties PCI DSS Requirement 2.5 addresses one of the most…
Maintaining an Inventory of Assets We believe that if management is not aware of an asset, it’s probably not appropriately protected. Based on PCI…
Administrative Access and Strong Encryption PCI Requirement 2.3 calls out the need to encrypt all non-console administrative access using strong cryptography. If your organization…