Articles, Blog, Cyber Risk

What you need to know about Point to Point Encryption (P2PE)

by Michael Hopewell, Managing Information Security Consultant. Introduction: Many businesses have heard about Point to Point Encryption (P2PE). Point of Sale vendors, service providers and others often mention its benefits to businesses: P2PE can reduce risk to payment card data by rendering it unreadable, minimise the number of systems and networks in scope for […]

Articles, Blog, Uncategorized

New PCI SSC Program for Software-based PIN entry on COTS Solutions

Over the last few months, the PCI SSC has published a set of documents to establish a new program for the specification, testing, evaluation and PCI SSC listing of Software-based PIN entry on Commercial Off The Shelf devices (COTS) Solutions, also known as SPoC. The PCI DSS developed this new PCI Security Standard […]

Blog, Risk & Assurance

The VENOM Vulnerability and its impact

The VENOM Vulnerability, a recently discovered critical flaw in QEMU’s virtual Floppy Disk Controller (FDC), affects numerous virtualisation platforms and appliances such as Xen, KVM, and the native QEMU. As far as we know, to date, it does not impact VMware, Microsoft Hyper-V, and the Bochs hypervisors. The bug’s name is an acronym […]

Blog

Why operational processes and documentation are an essential part of PCI DSS compliance

by Anne Wood, Managing Information Security Consultant. When we work with clients tackling compliance for the first time, we generally find one of two scenarios. In the first, organisations have a comprehensive suite of documents but are lacking in operational processes. In the second, we see a reasonable level of operational process but a lack of […]

Blog, Risk & Assurance, Whitepapers

What is PCI DSS?

Natasja Bolton, Consulting Manager. Founded in December 2004 by 5 major card brands (Visa, Mastercard, American Express, Discover and JCB), the Payment Card Industry Data Security Standard, or PCI DSS for short, is a compliance standard that defines data security requirements relating to the processing, storage or transmission of cardholder data. In 2006, the card […]
