Clik here to view.
The Shortcomings Of Wireless Scanning
I’m probably going to really stir the pot with this and my coming posts, but I think this is an important subject to discuss. I don’t have all the answers on this topic, but I know that the current...
View ArticleClik here to view.
Wireless Security – Random Thoughts On How To Fix
This has possibly been the hardest post yet to write. Mainly because I am at a loss for answers. There just does not seem to be a lot of solutions out there to address real wireless attacks. So, I...
View ArticleClik here to view.
Wireless Security Update
I had an opportunity this week to be involved in some testing of Motorola’s AirDefense wireless security solution at a client where we were conducting their annual PCI Security Assessment. I wrote in...
View ArticleClik here to view.
Mobile Computing And PCI
Mobile computing is all the rage in Europe and is becoming quite a thing here in the US. As a result, we are seeing more and more inquiries regarding PCI compliance and mobile computing. First, let us...
View ArticleClik here to view.
Wireless Scanning Compensating Control
I got a comment regarding my post titled “Wireless Security – Random Thoughts On How To Fix” asking what sorts of compensating controls would address requirement 11.1. Since I have been looking for a...
View ArticleClik here to view.
Extremely Mobile Payment Processing
In a previous post I discussed mobile computing and PCI compliance. In the last couple of weeks I have been questioned about using mobile devices such as smartphones and Wi-Fi enabled PDAs as payment...
View ArticleClik here to view.
Requirements That Are Never ‘Not Applicable’
Believe it or not, there are two PCI DSS requirements that can never be marked ‘Not Applicable’. According to the PCI SSC, requirements 1.2.3 and 11.1 can never be noted as ‘Not Applicable’....
View ArticleClik here to view.
Removing The Drama Of A PCI DSS Assessment
I had to prepare a presentation for a client a while back giving them some tips on how to prepare and get through a PCI assessment as easy as possible. I thought it might be good to share those...
View Article