Blog Series
We have shortlisted these blog series and are considering them for publication, but we do not have deadlines for them as of now. Stay tuned!
In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Compliance has traditionally been explained by reference to the deterrence theory, according to which punishing a behavior will decrease the violations both by the wrongdoer and by others. Wikipedia
In this post, we will list and understand additional PCI DSS requirements for different types of entities.
Additional Requirements
The organization’s overall information security policy sets the tone for the whole entity and informs personnel what is expected of them.
Requirement 12: Information Security Policy
System components, processes, and bespoke and custom software should be tested frequently to ensure security controls continue to reflect.
Requirement 11: Test Security Regularly
Log mechanisms and the ability to track user activities are critical in preventing, detecting, or minimizing the impact of a data compromise.
Requirement 10: Log And Monitor All Access To Data
Any physical access to cardholder data or systems that store, process, or transmit cardholder data provides the opportunity to criminals.
Requirement 9: Restrict Physical Access
These requirements for identity and authentication are based on industry-accepted security principles and best practices.
Requirement 8: Identify Users And Authenticate Access
Without a mechanism to restrict access based on a user’s need to know, a user may unknowingly be granted access to cardholder data.
Requirement 7: Restrict Access To Data
For custom software, numerous vulnerabilities can be avoided by applying software lifecycle (SLC) processes and secure coding techniques.
Requirement 6: Develop And Maintain Secure Software
Malicious software (malware) is software or firmware designed to infiltrate or damage a computer system without the owner’s knowledge.
Requirement 5: Protect All Systems From Malicious Software