Website Verification

Learn about how you can make your website secure and safe for your customers

  • Website Verification Poll

  • Mybloglog

    Join My Community at MyBloglog!
  • Check out my website verification online magazine:

  • Add my blog to:

    Add to Technorati Favorites

Archive for May, 2009

What’s Wrong With The PCI DSS?

Posted by websiteverification on May 14, 2009

There has been a lot of criticism regarding companies following the PCI DSS as there only form of security. While it is important to have other options for security, following the PCI DSS does work!
clipped from www.tripwire.com

There’s nothing wrong with PCI DSS that cannot be cured by following it

I continue to hear comments that PCI DSS doesn’t work and that it should be modified or even eliminated.
find it interesting that so much fault can be leveled at PCI DSS in light of the facts that Verizon Business puts forth in their 2009 Data Breach Investigations Report. Here are some of their findings after investigating data breaches that compromised 285 million records in 2008 alone:
 81% of the victims were not PCI compliant
The last point—81% of the victims were not PCI compliant—speaks volumes about the spirit, intent and effectiveness of PCI DSS …. if it is treated as security best practice and followed on a daily basis rather than treating it as a checklist that must be passed annually. Until each of the above percentages changes dramatically, I think PCI DSS should be seen as a good security best practice to follow continuously.
Posted by Ed Rarick
  blog it
Advertisements

Posted in pci compliance, website verification | Tagged: , , , , , | 1 Comment »