Security Basics mailing list archives
RE: PCIDS Standard
From: Anthony J Placilla <anthony_placilla () SUTH COM>
Date: Tue, 24 May 2005 12:21:07 -0400
http://usa.visa.com/download/business/accepting_visa/ops_risk_management/cisp_PCI_Data_Security_Standard.pdf On Mon, 2005-05-23 at 17:59 -0400, Roger A. Grimes wrote:
I don't know the answer to any of your questions, but I wanted to comment...if you are a computer security person it may pay to take a look at the PCIDSS documentation. It's an excellent example of a general ecommerce security policy. I've reviewed it a few times, even volunteered to help particpate in its creation, and it is a great example of a general security policy. Anyone have the link handy?? (I'm offsite at the moment) Roger ************************************************************************ *** *Roger A. Grimes, Banneret Computer Security, Computer Security Consultant *CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4), CEH, CHFI *email: roger () banneretcs com *cell: 757-615-3355 *Author of Malicious Mobile Code: Virus Protection for Windows by O'Reilly *http://www.oreilly.com/catalog/malmobcode *Author of Honeypots for Windows (Apress) *http://www.apress.com/book/bookDisplay.html?bID=281 ************************************************************************ **** -----Original Message----- From: Richard Piedrahita [mailto:piedrahr () wchsys org] Sent: Monday, May 23, 2005 12:33 PM To: security-basics () securityfocus com Subject: PCIDS Standard Hello: This note is not to question the wisdom of the Payment Card Information Data Security Standard due to become effective on June 30 here. What I would like to find out is if this is something that the card companies are adopting and are pushing on down to their merchants (it looks like it is), or, is this another regulation/law somewhere that needs to be tracked and checked off as "Compliant" for all businesses that accept credit card payments of one sort or another? Is there any information on how to identify which business software is in compliance with this standard (at least for small retail or restaurant like businesses)? Thanks, Rick. Richard J. Piedrahita Information Services WCHS, Inc. 301-790-8902 ***** CONFIDENTIALITY NOTICE ***** This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.
-- Tony Placilla, RHCT anthony_placilla () suth com J.O.A.T. GPG-Key-ID: 1024D/C78F8B64 http://pgp.mit.edu Key fingerprint = A8D5 7AFF CE88 4179 C792 D9A9 F197 2A15 C78F 8B64
Current thread:
- PCIDS Standard Richard Piedrahita (May 23)
- Re: PCIDS Standard Security (May 24)
- <Possible follow-ups>
- RE: PCIDS Standard Roger A. Grimes (May 24)
- RE: PCIDS Standard Anthony J Placilla (May 26)
- RE: PCIDS Standard Roger A. Grimes (May 26)