Full Disclosure mailing list archives
Re: Compliance Is Wasted Money, Study Finds
From: Mike Hale <eyeronic.design () gmail com>
Date: Fri, 23 Apr 2010 10:20:35 -0700
You don't think in-house payment gateways can be as stable as third party gateways? On Fri, Apr 23, 2010 at 9:28 AM, Christian Sciberras <uuf6429 () gmail com> wrote:
it is simply part of the cost of doing business in that market. A.k.a. wasted money. Truth be told, I'm no fan of PCI. Other companies get the same functionality (accept the storage of credit cards) without worrying about PCI/DSS (e.g. through Payment Gateways). In the end, as a service, what do I want, an inventory of credit cards, or a stable payment system? The later I guess. As to security, it totally depends on implementation; one can handle credit cards without the need of standards compliance. My two cents. Regards, Christian Sciberras. On Fri, Apr 23, 2010 at 6:07 PM, Thor (Hammer of God) <Thor () hammerofgod com> wrote:Another thing that I think people fail to keep in mind is that when it comes to PCI, it is part of a contractual agreement between the entity and card facility they are working with. If a business wants to accept credit cards as a means of payment (based on volume) then part of their agreement is that they must undergo compliance to a standard implemented by the industry. I don’t know why people get all emotional about it and throw up their hands with all the “this is wasted money” positioning – it’s not wasted at all; it is simply part of the cost of doing business in that market. t From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Christopher Gilbert Sent: Thursday, April 22, 2010 4:48 PM To: Mike Hale Cc: full-disclosure; security-basics () securityfocus com Subject: Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds The paper concludes that companies are underinvesting in--or improperly prioritizing--the protection of their secrets. Nowhere does it state that the money spent on compliance is money wasted. On Wed, Apr 21, 2010 at 5:44 PM, Mike Hale <eyeronic.design () gmail com> wrote: I find the findings completely flawed. Am I missing something? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Compliance Is Wasted Money, Study Finds, (continued)
- Re: Compliance Is Wasted Money, Study Finds Thor (Hammer of God) (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Christian Sciberras (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Christian Sciberras (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Thor (Hammer of God) (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Christian Sciberras (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Thor (Hammer of God) (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Christian Sciberras (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds BMF (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Christian Sciberras (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Mike Hale (Apr 24)
- Re: Compliance Is Wasted Money, Study Finds Mike Hale (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Michael Holstein (Apr 23)
- Re: Compliance Is Wasted Money, Study Finds Nick FitzGerald (Apr 25)
- Re: Compliance Is Wasted Money, Study Finds Tracy Reed (Apr 25)
- Re: Compliance Is Wasted Money, Study Finds Nick FitzGerald (Apr 25)
- Re: Compliance Is Wasted Money, Study Finds Mike Hale (Apr 26)
- Re: Compliance Is Wasted Money, Study Finds Valdis . Kletnieks (Apr 25)
- Re: Compliance Is Wasted Money, Study Finds Tracy Reed (Apr 25)
- Re: Compliance Is Wasted Money, Study Finds Christian Sciberras (Apr 25)