Archive for the ‘PCI’ Category

This week, VPN Haus continues its conversation with Branden Williams, a seasoned information security specialist, about PCI and the cloud. VPN Haus: Because of PCI 2.0’s lack of clarity on the cloud, do you think most merchants will only move non-PCI related data to the cloud – until they get more guidance from the Council? […]

This week, VPN Haus catches up with Branden Williams, a seasoned information security specialist, about PCI and the cloud. VPN Haus: You’ve blogged about the fact that cloud isn’t overtly mentioned in PCI 2.0. Can you provide some examples of common problems merchants/service providers considering cloud solutions might come up against when dealing with QSAs […]

By Anton Chuvakin Mainstream security in the cloud:  Yes, Qualys and a few others have been doing it since 1999 and a few cloud security providers has been absorbed into large entities (latest, sort of). But I suspect that in 2011 we will see much more of “ approach to security of … now in […]

VPN Haus continues its conversation with PCI compliance expert Anton Chuvakin about the latest updates to PCI DSS 2.0, issued late last month. VPN Haus: Do the new standards leave too much open to merchant’s interpretation? Anton Chuvakin: This is really a $1 million-question and only practice will tell. I think the 2.0 version leave […]

We continue our conversation with Martin McKeay, a seasoned IT security professional dedicated to spreading awareness about security and privacy through his “Network Security Blog” and podcast series. On whether PCI standards will strengthen: I think the standards are going to change, but slowly. They’ll change faster than a federal mandate could, and I think […]