June 2009

  • PCI compliance requirement 8: Unique IDs

    In a nutshell, Requirement 8 of the Payment Card Industry Data Security Standard calls for individual identification for anyone and everyone who has access to cardholder data.

  • PCI compliance requirement 7: Restrict access

    Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 7: "Restrict access to cardholder data."

  • PCI compliance requirement 3: Protect data

    Ed Moyle and Diana Kelley review Requirement 3 of the Payment Card Industry Data Security Standard: Protect cardholder data. It's not as simple as it sounds.

  • SIMs: More Than a Pile of Logs

    SIMs have come a long way from the days of log aggregation and correlation; enterprises now glean value for compliance, visualization, and business intelligence.

  • Tread Carefully Into the Cloud

    Cloud computing carries risks that enterprises need to weigh before they forge ahead.

  • Cloud Confusion

    Vendors are loosely using the term cloud computing, and it's causing confusion for users in the market for buying and securing these services.

  • PCI compliance requirement 9: Physical access

    For Requirement 9 of the PCI Data Security Standard, basic physical controls are required for the facilities that process cardholder data. In this video, Ed Moyle and Diana Kelley review the defenses.