The Shortcomings Of Wireless Scanning
I’m probably going to really stir the pot with this and my coming posts, but I think this is an important subject to discuss. I don’t have all the answers on this topic, but I know that the current...
View ArticleWireless Security – Random Thoughts On How To Fix
This has possibly been the hardest post yet to write. Mainly because I am at a loss for answers. There just does not seem to be a lot of solutions out there to address real wireless attacks. So, I...
View ArticleWireless Security Update
I had an opportunity this week to be involved in some testing of Motorola’s AirDefense wireless security solution at a client where we were conducting their annual PCI Security Assessment. I wrote in...
View ArticleMobile Computing And PCI
Mobile computing is all the rage in Europe and is becoming quite a thing here in the US. As a result, we are seeing more and more inquiries regarding PCI compliance and mobile computing. First, let us...
View ArticleWireless Scanning Compensating Control
I got a comment regarding my post titled “Wireless Security – Random Thoughts On How To Fix” asking what sorts of compensating controls would address requirement 11.1. Since I have been looking for a...
View ArticleExtremely Mobile Payment Processing
In a previous post I discussed mobile computing and PCI compliance. In the last couple of weeks I have been questioned about using mobile devices such as smartphones and Wi-Fi enabled PDAs as payment...
View ArticleRequirements That Are Never ‘Not Applicable’
Believe it or not, there are two PCI DSS requirements that can never be marked ‘Not Applicable’. According to the PCI SSC, requirements 1.2.3 and 11.1 can never be noted as ‘Not Applicable’....
View ArticleRemoving The Drama Of A PCI DSS Assessment
I had to prepare a presentation for a client a while back giving them some tips on how to prepare and get through a PCI assessment as easy as possible. I thought it might be good to share those...
View Article