June 2009

  • PCI compliance requirement 7: Restrict access

    Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 7: "Restrict access to cardholder data."

  • PCI compliance requirement 5: Antivirus

    Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 5: "Use and regularly update antivirus software."

  • PCI compliance requirement 10: Auditing

    Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 10: "Track and monitor all access to network resources and cardholder data."

  • PCI compliance requirement 3: Protect data

    Ed Moyle and Diana Kelley review Requirement 3 of the Payment Card Industry Data Security Standard: Protect cardholder data. It's not as simple as it sounds.

  • Cloud Confusion

    Vendors are loosely using the term cloud computing, and it's causing confusion for users in the market for buying and securing these services.

  • Tread Carefully Into the Cloud

    Cloud computing carries risks that enterprises need to weigh before they forge ahead.

  • A Method[ology] to the Madness

    One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.