5 min read
The ENTITY (a scary PCI monster)
If you're subject to PCI DSS you need to understand "The ENTITY". We aren't talking about a horror movie. Instead we are talking about something...
5 min read
If you're subject to PCI DSS you need to understand "The ENTITY". We aren't talking about a horror movie. Instead we are talking about something...
Control Gap is excited to announce that we will be exhibiting at this year’s @PCISecurityStandardsCouncil Community Meeting on September 17-19. Don’t...
2 min read
As we complete the 3rd hour of the meeting discussing PCI scope, the customer turns to me and asks, “So what’s the minimum that I need to do to pass...
6 min read
Welcome to This Week’s [in]Security. This week: a quiet week for PCI, RDP MFA bypass, make SSNs public, AMCA (Quest, LabCorp, OPKO) breach, Data...
2 min read
NIST recently published a document "Transitioning the Use of Cryptographic Algorithms and Key Lengths" which formalizes the sunset of Triple DES by...
4 min read
Last month NIST announced they were seeking feedback on a proposed updated guidance for FPE. More formally this is SP 800-38G rev 1 "Recommendation...
7 min read
Big changes are coming to payment security in 2019. PCI is launching a grand experiment in payment security - Software PIN on COTS (SPoC) - a subset...
3 min read
To accept credit cards in Canada, businesses need to be PCI compliant. Becoming PCI compliant can be difficult in the first place and keeping up with...
2 min read
PCI Rules Aren't the Only Ones You Need to Comply With Most organizations concerned with payment compliance are focused on the PCI Data Security...